Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/emboss-6.6.0+dfsg/ajax/acd/ajacd.h
Examining data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensoperon.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enscoordsystem.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmetacoordinate.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enskaryotype.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvbaseadaptor.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprediction.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcsubmission.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassemblyexception.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensseqregion.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensrepeat.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssimple.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsource.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvbaseadaptor.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssimple.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensregistry.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprojectionsegment.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassemblyexception.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmarker.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensontology.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsynonym.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcdatabase.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstranscript.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassembly.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcsubmission.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensanalysis.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseentry.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdata.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssequenceedit.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvallele.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensseqregion.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensditag.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgene.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensalign.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmetainformation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensexon.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcalignment.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensintron.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmiscellaneous.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensanalysis.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstable.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensbaseadaptor.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseadaptor.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsample.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcalignment.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmetacoordinate.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstranscript.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvdata.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensvariation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvindividual.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvgenotype.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmiscellaneous.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensstorable.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensfeature.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdensity.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmapper.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseconnection.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassemblymapper.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstable.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssoftware.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvindividual.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensattribute.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensvariation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvdatabaseadaptor.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcsequence.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensontology.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvpopulation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcvariation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmarker.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enscache.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstranslation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsynonym.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsource.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensexternaldatabase.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseadaptor.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvvariation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensexternaldatabase.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqc.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvpopulation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enskaryotype.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensstorable.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmetainformation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensditag.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensoperon.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseentry.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvattribute.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensintron.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssequenceedit.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensalign.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcvariation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensexon.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensattribute.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassemblymapper.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensrepeat.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprojectionsegment.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdensity.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcsequence.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensbaseadaptor.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensslice.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssequence.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprotein.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensembl.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensregistry.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enscoordsystem.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvattribute.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprotein.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcdatabase.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqc.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensprediction.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcdasfeature.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssequence.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgene.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensfeature.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcdasfeature.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enstranslation.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvdatabaseadaptor.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensutility.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvvariation.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensdatabaseconnection.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvgenotype.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensassembly.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensmapper.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enssoftware.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensutility.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvallele.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensslice.h
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvsample.c
Examining data/emboss-6.6.0+dfsg/ajax/ensembl/enscache.c
Examining data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c
Examining data/emboss-6.6.0+dfsg/ajax/graphics/ajgraphstruct.h
Examining data/emboss-6.6.0+dfsg/ajax/graphics/ajhist.c
Examining data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.h
Examining data/emboss-6.6.0+dfsg/ajax/graphics/ajhist.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/deflate.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/adler32.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/trees.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/infback.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/crc32.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inffast.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inftrees.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/zlib.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inflate.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/compress.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inftrees.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/crc32.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/zlibemboss.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/zutil.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inflate.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/uncompr.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/zconf.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/trees.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inffixed.h
Examining data/emboss-6.6.0+dfsg/ajax/zlib/deflate.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/gzclose.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/inffast.c
Examining data/emboss-6.6.0+dfsg/ajax/zlib/gzguts.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseq.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfileio.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfile.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajobodata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresourceread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurldata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajbase.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtext.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajreg.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassert.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtaxread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdomain.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxmlwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtime.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajoboread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajstr.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmath.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassert.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseq.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajobo.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajphylo.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseqread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsort.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtax.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmem.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassem.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresourcewrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajhttp.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrange.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrange.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassemdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsys.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpdbio.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdan.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtaxwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpdbio.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseqwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajexcept.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxmlread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajalign.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajftp.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarbcf.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdmx.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmatrices.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtextread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajobowrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmess.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajobo.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajnam.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtree.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajindex.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtaxdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxml.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvector.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtextdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsort.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajhttp.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajutil.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdom.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurlread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsql.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdan.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcod.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcod.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeatdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtextread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurl.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseqwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeat.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtree.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajphylo.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajax.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtextwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresource.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdmx.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmess.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassemwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajnexus.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresourcewrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajlib.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtax.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqtype.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfileio.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajjava.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurlwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajalign.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassem.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtaxread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsql.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajquery.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresource.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajnam.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajquery.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeatread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxmlread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfmt.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseqread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseq.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajreport.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmem.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassemread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvar.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajarch.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtagval.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfiledata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajrefseqdata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarbcf.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajreport.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcigar.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtable.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtaxwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdom.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajbase.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxmlwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxmldata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqtype.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurlwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajobowrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtextwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassemread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajexcept.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajassemwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajindex.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurlread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfiledata.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajlist.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdomain.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvector.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtagval.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtext.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajarr.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtable.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmatrices.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajsys.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcall.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajtime.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseq.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajurl.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvardata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcigar.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresourcedata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpdb.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeatread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajcall.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvar.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajjava.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajreg.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajseqread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajlist.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajxml.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajoboread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajvarread.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajftp.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajmath.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajstr.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpat.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajquerydata.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajpat.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajutil.c
Examining data/emboss-6.6.0+dfsg/ajax/core/ajarr.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajdefine.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajresourceread.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.h
Examining data/emboss-6.6.0+dfsg/ajax/core/ajfile.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajobodb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajvardb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajassemdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajrefseqdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajdas.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajsoap.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtaxdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajresourcedb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajxmldb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajassemdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajsoap.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajvardb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajurldb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajmart.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtaxdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajrefseqdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajdas.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajxmldb.c
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajresourcedb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajobodb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajmart.h
Examining data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajurldb.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmlrole.c
Examining data/emboss-6.6.0+dfsg/ajax/expat/expatemboss.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/expat_external.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/ascii.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/utf8tab.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/iasciitab.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c
Examining data/emboss-6.6.0+dfsg/ajax/expat/expat.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/internal.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/nametab.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c
Examining data/emboss-6.6.0+dfsg/ajax/expat/asciitab.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmltok.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/latin1tab.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/expat_config.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmlrole.h
Examining data/emboss-6.6.0+dfsg/ajax/expat/xmltok_ns.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_xclass.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_newline.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_tables.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_internal.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcreemboss.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_exec.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_globals.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_version.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_get.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_chartables.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/ucp.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_config.h
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_info.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_dfa_exec.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_try_flipped.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_fullinfo.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_study.c
Examining data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c
Examining data/emboss-6.6.0+dfsg/emboss/edamisformat.c
Examining data/emboss-6.6.0+dfsg/emboss/treetypedisplay.c
Examining data/emboss-6.6.0+dfsg/emboss/infoalign.c
Examining data/emboss-6.6.0+dfsg/emboss/notseq.c
Examining data/emboss-6.6.0+dfsg/emboss/embossversion.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetsibs.c
Examining data/emboss-6.6.0+dfsg/emboss/entret.c
Examining data/emboss-6.6.0+dfsg/emboss/feattext.c
Examining data/emboss-6.6.0+dfsg/emboss/acdc.c
Examining data/emboss-6.6.0+dfsg/emboss/intconv.c
Examining data/emboss-6.6.0+dfsg/emboss/jaspscan.c
Examining data/emboss-6.6.0+dfsg/emboss/eprimer32.c
Examining data/emboss-6.6.0+dfsg/emboss/acdgalaxy.c
Examining data/emboss-6.6.0+dfsg/emboss/newcpgseek.c
Examining data/emboss-6.6.0+dfsg/emboss/remap.c
Examining data/emboss-6.6.0+dfsg/emboss/ontoisobsolete.c
Examining data/emboss-6.6.0+dfsg/emboss/backtranseq.c
Examining data/emboss-6.6.0+dfsg/emboss/aligncopypair.c
Examining data/emboss-6.6.0+dfsg/emboss/sirna.c
Examining data/emboss-6.6.0+dfsg/emboss/sqltest.c
Examining data/emboss-6.6.0+dfsg/emboss/water.c
Examining data/emboss-6.6.0+dfsg/emboss/edamhasoutput.c
Examining data/emboss-6.6.0+dfsg/emboss/isochore.c
Examining data/emboss-6.6.0+dfsg/emboss/diffseq.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretsetall.c
Examining data/emboss-6.6.0+dfsg/emboss/drfindid.c
Examining data/emboss-6.6.0+dfsg/emboss/ajtest.c
Examining data/emboss-6.6.0+dfsg/emboss/stssearch.c
Examining data/emboss-6.6.0+dfsg/emboss/dbtell.c
Examining data/emboss-6.6.0+dfsg/emboss/entrailswiki.c
Examining data/emboss-6.6.0+dfsg/emboss/dreg.c
Examining data/emboss-6.6.0+dfsg/emboss/taxget.c
Examining data/emboss-6.6.0+dfsg/emboss/drfinddata.c
Examining data/emboss-6.6.0+dfsg/emboss/helixturnhelix.c
Examining data/emboss-6.6.0+dfsg/emboss/tranalign.c
Examining data/emboss-6.6.0+dfsg/emboss/textget.c
Examining data/emboss-6.6.0+dfsg/emboss/drtext.c
Examining data/emboss-6.6.0+dfsg/emboss/syco.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretsplit.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxresource.c
Examining data/emboss-6.6.0+dfsg/emboss/domtestb.c
Examining data/emboss-6.6.0+dfsg/emboss/wordcount.c
Examining data/emboss-6.6.0+dfsg/emboss/silent.c
Examining data/emboss-6.6.0+dfsg/emboss/makeprotseq.c
Examining data/emboss-6.6.0+dfsg/emboss/jembossctl.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxreport.c
Examining data/emboss-6.6.0+dfsg/emboss/taxgetup.c
Examining data/emboss-6.6.0+dfsg/emboss/sigcleave.c
Examining data/emboss-6.6.0+dfsg/emboss/taxgetdown.c
Examining data/emboss-6.6.0+dfsg/emboss/wossoperation.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretallfeat.c
Examining data/emboss-6.6.0+dfsg/emboss/descseq.c
Examining data/emboss-6.6.0+dfsg/emboss/dan.c
Examining data/emboss-6.6.0+dfsg/emboss/jaspextract.c
Examining data/emboss-6.6.0+dfsg/emboss/findkm.c
Examining data/emboss-6.6.0+dfsg/emboss/seqxrefget.c
Examining data/emboss-6.6.0+dfsg/emboss/shuffleseq.c
Examining data/emboss-6.6.0+dfsg/emboss/dbiblast.c
Examining data/emboss-6.6.0+dfsg/emboss/banana.c
Examining data/emboss-6.6.0+dfsg/emboss/servertell.c
Examining data/emboss-6.6.0+dfsg/emboss/edialign.c
Examining data/emboss-6.6.0+dfsg/emboss/nthseqset.c
Examining data/emboss-6.6.0+dfsg/emboss/plotcon.c
Examining data/emboss-6.6.0+dfsg/emboss/trimspace.c
Examining data/emboss-6.6.0+dfsg/emboss/freak.c
Examining data/emboss-6.6.0+dfsg/emboss/msbar.c
Examining data/emboss-6.6.0+dfsg/emboss/entrails.c
Examining data/emboss-6.6.0+dfsg/emboss/drget.c
Examining data/emboss-6.6.0+dfsg/emboss/biosed.c
Examining data/emboss-6.6.0+dfsg/emboss/oddcomp.c
Examining data/emboss-6.6.0+dfsg/emboss/pepwindow.c
Examining data/emboss-6.6.0+dfsg/emboss/edamhasinput.c
Examining data/emboss-6.6.0+dfsg/emboss/embossdata.c
Examining data/emboss-6.6.0+dfsg/emboss/yank.c
Examining data/emboss-6.6.0+dfsg/emboss/cachedbfetch.c
Examining data/emboss-6.6.0+dfsg/emboss/nospace.c
Examining data/emboss-6.6.0+dfsg/emboss/martdatasets.c
Examining data/emboss-6.6.0+dfsg/emboss/cai.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretsingle.c
Examining data/emboss-6.6.0+dfsg/emboss/martquery.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxflat.c
Examining data/emboss-6.6.0+dfsg/emboss/entrailsbook.c
Examining data/emboss-6.6.0+dfsg/emboss/featcopy.c
Examining data/emboss-6.6.0+dfsg/emboss/vectorstrip.c
Examining data/emboss-6.6.0+dfsg/emboss/pasteseq.c
Examining data/emboss-6.6.0+dfsg/emboss/mwcontam.c
Examining data/emboss-6.6.0+dfsg/emboss/drfindresource.c
Examining data/emboss-6.6.0+dfsg/emboss/whichdb.c
Examining data/emboss-6.6.0+dfsg/emboss/dbiflat.c
Examining data/emboss-6.6.0+dfsg/emboss/codcmp.c
Examining data/emboss-6.6.0+dfsg/emboss/garnier.c
Examining data/emboss-6.6.0+dfsg/emboss/origunion.c
Examining data/emboss-6.6.0+dfsg/emboss/refseqget.c
Examining data/emboss-6.6.0+dfsg/emboss/domtestc.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetup.c
Examining data/emboss-6.6.0+dfsg/emboss/einverted.c
Examining data/emboss-6.6.0+dfsg/emboss/consambig.c
Examining data/emboss-6.6.0+dfsg/emboss/etandem.c
Examining data/emboss-6.6.0+dfsg/emboss/prophet.c
Examining data/emboss-6.6.0+dfsg/emboss/taxgetspecies.c
Examining data/emboss-6.6.0+dfsg/emboss/showpep.c
Examining data/emboss-6.6.0+dfsg/emboss/textsearch.c
Examining data/emboss-6.6.0+dfsg/emboss/antigenic.c
Examining data/emboss-6.6.0+dfsg/emboss/martseqs.c
Examining data/emboss-6.6.0+dfsg/emboss/maskfeat.c
Examining data/emboss-6.6.0+dfsg/emboss/sixpack.c
Examining data/emboss-6.6.0+dfsg/emboss/union.c
Examining data/emboss-6.6.0+dfsg/emboss/nthseq.c
Examining data/emboss-6.6.0+dfsg/emboss/plotorf.c
Examining data/emboss-6.6.0+dfsg/emboss/charge.c
Examining data/emboss-6.6.0+dfsg/emboss/godef.c
Examining data/emboss-6.6.0+dfsg/emboss/taxgetrank.c
Examining data/emboss-6.6.0+dfsg/emboss/featreport.c
Examining data/emboss-6.6.0+dfsg/emboss/dottup.c
Examining data/emboss-6.6.0+dfsg/emboss/coderet.c
Examining data/emboss-6.6.0+dfsg/emboss/edamname.c
Examining data/emboss-6.6.0+dfsg/emboss/domtestd.c
Examining data/emboss-6.6.0+dfsg/emboss/wossdata.c
Examining data/emboss-6.6.0+dfsg/emboss/stretcher.c
Examining data/emboss-6.6.0+dfsg/emboss/tcode.c
Examining data/emboss-6.6.0+dfsg/emboss/dotmatcher.c
Examining data/emboss-6.6.0+dfsg/emboss/revseq.c
Examining data/emboss-6.6.0+dfsg/emboss/embossupdate.c
Examining data/emboss-6.6.0+dfsg/emboss/compseq.c
Examining data/emboss-6.6.0+dfsg/emboss/mwfilter.c
Examining data/emboss-6.6.0+dfsg/emboss/dbfetchtest.c
Examining data/emboss-6.6.0+dfsg/emboss/abiview.c
Examining data/emboss-6.6.0+dfsg/emboss/epestfind.c
Examining data/emboss-6.6.0+dfsg/emboss/restrict.c
Examining data/emboss-6.6.0+dfsg/emboss/prima.c
Examining data/emboss-6.6.0+dfsg/emboss/lindna.c
Examining data/emboss-6.6.0+dfsg/emboss/cutseq.c
Examining data/emboss-6.6.0+dfsg/emboss/btwisted.c
Examining data/emboss-6.6.0+dfsg/emboss/octanol.c
Examining data/emboss-6.6.0+dfsg/emboss/seqret.c
Examining data/emboss-6.6.0+dfsg/emboss/listor.c
Examining data/emboss-6.6.0+dfsg/emboss/splitsource.c
Examining data/emboss-6.6.0+dfsg/emboss/cpgreport.c
Examining data/emboss-6.6.0+dfsg/emboss/eprimer3.c
Examining data/emboss-6.6.0+dfsg/emboss/primers.c
Examining data/emboss-6.6.0+dfsg/emboss/seqrettype.c
Examining data/emboss-6.6.0+dfsg/emboss/acdlog.c
Examining data/emboss-6.6.0+dfsg/emboss/skipredundant.c
Examining data/emboss-6.6.0+dfsg/emboss/showorf.c
Examining data/emboss-6.6.0+dfsg/emboss/cpgplot.c
Examining data/emboss-6.6.0+dfsg/emboss/matcher.c
Examining data/emboss-6.6.0+dfsg/emboss/profit.c
Examining data/emboss-6.6.0+dfsg/emboss/getorf.c
Examining data/emboss-6.6.0+dfsg/emboss/acdvalid.c
Examining data/emboss-6.6.0+dfsg/emboss/wossname.c
Examining data/emboss-6.6.0+dfsg/emboss/maskambignuc.c
Examining data/emboss-6.6.0+dfsg/emboss/goname.c
Examining data/emboss-6.6.0+dfsg/emboss/acdrelations.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxtax.c
Examining data/emboss-6.6.0+dfsg/emboss/skipseq.c
Examining data/emboss-6.6.0+dfsg/emboss/patmatdb.c
Examining data/emboss-6.6.0+dfsg/emboss/iep.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetobsolete.c
Examining data/emboss-6.6.0+dfsg/emboss/dbifasta.c
Examining data/emboss-6.6.0+dfsg/emboss/degapseq.c
Examining data/emboss-6.6.0+dfsg/emboss/notab.c
Examining data/emboss-6.6.0+dfsg/emboss/variationget.c
Examining data/emboss-6.6.0+dfsg/emboss/newcoils.c
Examining data/emboss-6.6.0+dfsg/emboss/infobase.c
Examining data/emboss-6.6.0+dfsg/emboss/patmattest.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxuncompress.c
Examining data/emboss-6.6.0+dfsg/emboss/rebaseextract.c
Examining data/emboss-6.6.0+dfsg/emboss/pepcoil.c
Examining data/emboss-6.6.0+dfsg/emboss/maskambigprot.c
Examining data/emboss-6.6.0+dfsg/emboss/hmoment.c
Examining data/emboss-6.6.0+dfsg/emboss/trimseq.c
Examining data/emboss-6.6.0+dfsg/emboss/seqmatchall.c
Examining data/emboss-6.6.0+dfsg/emboss/backtranambig.c
Examining data/emboss-6.6.0+dfsg/emboss/fuzzpro.c
Examining data/emboss-6.6.0+dfsg/emboss/martregistry.c
Examining data/emboss-6.6.0+dfsg/emboss/dotpath.c
Examining data/emboss-6.6.0+dfsg/emboss/cacheensembl.c
Examining data/emboss-6.6.0+dfsg/emboss/showserver.c
Examining data/emboss-6.6.0+dfsg/emboss/newcpgreport.c
Examining data/emboss-6.6.0+dfsg/emboss/density.c
Examining data/emboss-6.6.0+dfsg/emboss/emowse.c
Examining data/emboss-6.6.0+dfsg/emboss/ontotext.c
Examining data/emboss-6.6.0+dfsg/emboss/splitter.c
Examining data/emboss-6.6.0+dfsg/emboss/cusp.c
Examining data/emboss-6.6.0+dfsg/emboss/corbatest.c
Examining data/emboss-6.6.0+dfsg/emboss/pscan.c
Examining data/emboss-6.6.0+dfsg/emboss/seealso.c
Examining data/emboss-6.6.0+dfsg/emboss/inforesidue.c
Examining data/emboss-6.6.0+dfsg/emboss/wossparam.c
Examining data/emboss-6.6.0+dfsg/emboss/domtesta.c
Examining data/emboss-6.6.0+dfsg/emboss/wordfinder.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxobo.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxedam.c
Examining data/emboss-6.6.0+dfsg/emboss/codcopy.c
Examining data/emboss-6.6.0+dfsg/emboss/emma.c
Examining data/emboss-6.6.0+dfsg/emboss/geecee.c
Examining data/emboss-6.6.0+dfsg/emboss/edamdef.c
Examining data/emboss-6.6.0+dfsg/emboss/seqxref.c
Examining data/emboss-6.6.0+dfsg/emboss/ensembltest.c
Examining data/emboss-6.6.0+dfsg/emboss/prophecy.c
Examining data/emboss-6.6.0+dfsg/emboss/fuzztran.c
Examining data/emboss-6.6.0+dfsg/emboss/chips.c
Examining data/emboss-6.6.0+dfsg/emboss/cirdna.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetcommon.c
Examining data/emboss-6.6.0+dfsg/emboss/seqinfo.c
Examining data/emboss-6.6.0+dfsg/emboss/distmat.c
Examining data/emboss-6.6.0+dfsg/emboss/trimest.c
Examining data/emboss-6.6.0+dfsg/emboss/pepstats.c
Examining data/emboss-6.6.0+dfsg/emboss/assemblyget.c
Examining data/emboss-6.6.0+dfsg/emboss/extractfeat.c
Examining data/emboss-6.6.0+dfsg/emboss/edamisid.c
Examining data/emboss-6.6.0+dfsg/emboss/infoseq.c
Examining data/emboss-6.6.0+dfsg/emboss/patmatmotifs.c
Examining data/emboss-6.6.0+dfsg/emboss/psiphi.c
Examining data/emboss-6.6.0+dfsg/emboss/redata.c
Examining data/emboss-6.6.0+dfsg/emboss/showdb.c
Examining data/emboss-6.6.0+dfsg/emboss/ontoget.c
Examining data/emboss-6.6.0+dfsg/emboss/xmltext.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretset.c
Examining data/emboss-6.6.0+dfsg/emboss/supermatcher.c
Examining data/emboss-6.6.0+dfsg/emboss/acdtrace.c
Examining data/emboss-6.6.0+dfsg/emboss/primersearch.c
Examining data/emboss-6.6.0+dfsg/emboss/prettyplot.c
Examining data/emboss-6.6.0+dfsg/emboss/printsextract.c
Examining data/emboss-6.6.0+dfsg/emboss/twofeat.c
Examining data/emboss-6.6.0+dfsg/emboss/tfscan.c
Examining data/emboss-6.6.0+dfsg/emboss/seqretall.c
Examining data/emboss-6.6.0+dfsg/emboss/edamclean.c
Examining data/emboss-6.6.0+dfsg/emboss/acdpretty.c
Examining data/emboss-6.6.0+dfsg/emboss/chaos.c
Examining data/emboss-6.6.0+dfsg/emboss/recoder.c
Examining data/emboss-6.6.0+dfsg/emboss/maskseq.c
Examining data/emboss-6.6.0+dfsg/emboss/drfindformat.c
Examining data/emboss-6.6.0+dfsg/emboss/martattributes.c
Examining data/emboss-6.6.0+dfsg/emboss/entrailshtml.c
Examining data/emboss-6.6.0+dfsg/emboss/ontocount.c
Examining data/emboss-6.6.0+dfsg/emboss/histogramtest.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxstat.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxgcg.c
Examining data/emboss-6.6.0+dfsg/emboss/cachedas.c
Examining data/emboss-6.6.0+dfsg/emboss/aaindexextract.c
Examining data/emboss-6.6.0+dfsg/emboss/transeq.c
Examining data/emboss-6.6.0+dfsg/emboss/wobble.c
Examining data/emboss-6.6.0+dfsg/emboss/nohtml.c
Examining data/emboss-6.6.0+dfsg/emboss/pepnet.c
Examining data/emboss-6.6.0+dfsg/emboss/xmlget.c
Examining data/emboss-6.6.0+dfsg/emboss/martfilters.c
Examining data/emboss-6.6.0+dfsg/emboss/est2genome.c
Examining data/emboss-6.6.0+dfsg/emboss/pepdigest.c
Examining data/emboss-6.6.0+dfsg/emboss/aligncopy.c
Examining data/emboss-6.6.0+dfsg/emboss/needleall.c
Examining data/emboss-6.6.0+dfsg/emboss/extractalign.c
Examining data/emboss-6.6.0+dfsg/emboss/fuzznuc.c
Examining data/emboss-6.6.0+dfsg/emboss/cons.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetdown.c
Examining data/emboss-6.6.0+dfsg/emboss/preg.c
Examining data/emboss-6.6.0+dfsg/emboss/checktrans.c
Examining data/emboss-6.6.0+dfsg/emboss/pepinfo.c
Examining data/emboss-6.6.0+dfsg/emboss/wossoutput.c
Examining data/emboss-6.6.0+dfsg/emboss/needle.c
Examining data/emboss-6.6.0+dfsg/emboss/tfextract.c
Examining data/emboss-6.6.0+dfsg/emboss/testplot.c
Examining data/emboss-6.6.0+dfsg/emboss/sizeseq.c
Examining data/emboss-6.6.0+dfsg/emboss/featmerge.c
Examining data/emboss-6.6.0+dfsg/emboss/infoassembly.c
Examining data/emboss-6.6.0+dfsg/emboss/wordmatch.c
Examining data/emboss-6.6.0+dfsg/emboss/prettyseq.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxcompress.c
Examining data/emboss-6.6.0+dfsg/emboss/prosextract.c
Examining data/emboss-6.6.0+dfsg/emboss/ontogetroot.c
Examining data/emboss-6.6.0+dfsg/emboss/showfeat.c
Examining data/emboss-6.6.0+dfsg/emboss/extractseq.c
Examining data/emboss-6.6.0+dfsg/emboss/polydot.c
Examining data/emboss-6.6.0+dfsg/emboss/pepwheel.c
Examining data/emboss-6.6.0+dfsg/emboss/cacheebeyesearch.c
Examining data/emboss-6.6.0+dfsg/emboss/noreturn.c
Examining data/emboss-6.6.0+dfsg/emboss/marscan.c
Examining data/emboss-6.6.0+dfsg/emboss/showseq.c
Examining data/emboss-6.6.0+dfsg/emboss/origsplitter.c
Examining data/emboss-6.6.0+dfsg/emboss/restover.c
Examining data/emboss-6.6.0+dfsg/emboss/palindrome.c
Examining data/emboss-6.6.0+dfsg/emboss/acdxsd.c
Examining data/emboss-6.6.0+dfsg/emboss/complex.c
Examining data/emboss-6.6.0+dfsg/emboss/pepwindowall.c
Examining data/emboss-6.6.0+dfsg/emboss/wossinput.c
Examining data/emboss-6.6.0+dfsg/emboss/cutgextract.c
Examining data/emboss-6.6.0+dfsg/emboss/makenucseq.c
Examining data/emboss-6.6.0+dfsg/emboss/wosstopic.c
Examining data/emboss-6.6.0+dfsg/emboss/megamerger.c
Examining data/emboss-6.6.0+dfsg/emboss/dastest.c
Examining data/emboss-6.6.0+dfsg/emboss/equicktandem.c
Examining data/emboss-6.6.0+dfsg/emboss/dbigcg.c
Examining data/emboss-6.6.0+dfsg/emboss/merger.c
Examining data/emboss-6.6.0+dfsg/emboss/showalign.c
Examining data/emboss-6.6.0+dfsg/emboss/acdtable.c
Examining data/emboss-6.6.0+dfsg/emboss/seqcount.c
Examining data/emboss-6.6.0+dfsg/emboss/urlget.c
Examining data/emboss-6.6.0+dfsg/emboss/newseq.c
Examining data/emboss-6.6.0+dfsg/emboss/dbxfasta.c
Examining data/emboss-6.6.0+dfsg/emboss/tmap.c
Examining data/emboss-6.6.0+dfsg/emboss/tfm.c
Examining data/emboss-6.6.0+dfsg/scripts/winchkexes.c
Examining data/emboss-6.6.0+dfsg/scripts/bundlewin.c
Examining data/emboss-6.6.0+dfsg/scripts/makeam.c
Examining data/emboss-6.6.0+dfsg/scripts/compembassy.c
Examining data/emboss-6.6.0+dfsg/scripts/mkembassy.c
Examining data/emboss-6.6.0+dfsg/plplot/ljii.c
Examining data/emboss-6.6.0+dfsg/plplot/plcore.c
Examining data/emboss-6.6.0+dfsg/plplot/disptab.h
Examining data/emboss-6.6.0+dfsg/plplot/plcvt.c
Examining data/emboss-6.6.0+dfsg/plplot/plbuf.c
Examining data/emboss-6.6.0+dfsg/plplot/plwind.c
Examining data/emboss-6.6.0+dfsg/plplot/plsdef.c
Examining data/emboss-6.6.0+dfsg/plplot/plvpor.c
Examining data/emboss-6.6.0+dfsg/plplot/ps.h
Examining data/emboss-6.6.0+dfsg/plplot/data.c
Examining data/emboss-6.6.0+dfsg/plplot/plstdio.c
Examining data/emboss-6.6.0+dfsg/plplot/plot3d.c
Examining data/emboss-6.6.0+dfsg/plplot/drivers.h
Examining data/emboss-6.6.0+dfsg/plplot/pdf.h
Examining data/emboss-6.6.0+dfsg/plplot/plctrl.c
Examining data/emboss-6.6.0+dfsg/plplot/plfci-type1.h
Examining data/emboss-6.6.0+dfsg/plplot/metadefs.h
Examining data/emboss-6.6.0+dfsg/plplot/plmap.c
Examining data/emboss-6.6.0+dfsg/plplot/plline.c
Examining data/emboss-6.6.0+dfsg/plplot/plevent.h
Examining data/emboss-6.6.0+dfsg/plplot/pldll.h
Examining data/emboss-6.6.0+dfsg/plplot/plsym.c
Examining data/emboss-6.6.0+dfsg/plplot/pltick.c
Examining data/emboss-6.6.0+dfsg/plplot/plfill.c
Examining data/emboss-6.6.0+dfsg/plplot/plhist.c
Examining data/emboss-6.6.0+dfsg/plplot/plplot.h
Examining data/emboss-6.6.0+dfsg/plplot/plimage.c
Examining data/emboss-6.6.0+dfsg/plplot/plhershey-unicode.h
Examining data/emboss-6.6.0+dfsg/plplot/plpage.c
Examining data/emboss-6.6.0+dfsg/plplot/pdf.c
Examining data/emboss-6.6.0+dfsg/plplot/ps.c
Examining data/emboss-6.6.0+dfsg/plplot/gd.c
Examining data/emboss-6.6.0+dfsg/plplot/pbm.c
Examining data/emboss-6.6.0+dfsg/plplot/plshade.c
Examining data/emboss-6.6.0+dfsg/plplot/svg.c
Examining data/emboss-6.6.0+dfsg/plplot/impress.c
Examining data/emboss-6.6.0+dfsg/plplot/plstrm.h
Examining data/emboss-6.6.0+dfsg/plplot/tek.c
Examining data/emboss-6.6.0+dfsg/plplot/plunicode-type1.h
Examining data/emboss-6.6.0+dfsg/plplot/pldtik.c
Examining data/emboss-6.6.0+dfsg/plplot/ljiip.c
Examining data/emboss-6.6.0+dfsg/plplot/plcore.h
Examining data/emboss-6.6.0+dfsg/plplot/plConfig.h
Examining data/emboss-6.6.0+dfsg/plplot/plstripc.c
Examining data/emboss-6.6.0+dfsg/plplot/null.c
Examining data/emboss-6.6.0+dfsg/plplot/plbox.c
Examining data/emboss-6.6.0+dfsg/plplot/plmeta.c
Examining data/emboss-6.6.0+dfsg/plplot/pldebug.h
Examining data/emboss-6.6.0+dfsg/plplot/plcont.c
Examining data/emboss-6.6.0+dfsg/plplot/plvect.c
Examining data/emboss-6.6.0+dfsg/plplot/plargs.c
Examining data/emboss-6.6.0+dfsg/plplot/plxwd.h
Examining data/emboss-6.6.0+dfsg/plplot/plDevs.h
Examining data/emboss-6.6.0+dfsg/plplot/xwin.c
Examining data/emboss-6.6.0+dfsg/plplot/pdfutils.c
Examining data/emboss-6.6.0+dfsg/plplot/xfig.c
Examining data/emboss-6.6.0+dfsg/plplot/hpgl.c
Examining data/emboss-6.6.0+dfsg/plplot/plplotP.h
Examining data/emboss-6.6.0+dfsg/nucleus/embaln.c
Examining data/emboss-6.6.0+dfsg/nucleus/embindex.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdbi.h
Examining data/emboss-6.6.0+dfsg/nucleus/embcons.c
Examining data/emboss-6.6.0+dfsg/nucleus/embdata.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdmx.c
Examining data/emboss-6.6.0+dfsg/nucleus/embinit.c
Examining data/emboss-6.6.0+dfsg/nucleus/embcons.h
Examining data/emboss-6.6.0+dfsg/nucleus/embpdb.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdbi.c
Examining data/emboss-6.6.0+dfsg/nucleus/embshow.h
Examining data/emboss-6.6.0+dfsg/nucleus/embindex.c
Examining data/emboss-6.6.0+dfsg/nucleus/embest.c
Examining data/emboss-6.6.0+dfsg/nucleus/embmisc.c
Examining data/emboss-6.6.0+dfsg/nucleus/embiep.c
Examining data/emboss-6.6.0+dfsg/nucleus/embexit.h
Examining data/emboss-6.6.0+dfsg/nucleus/embinit.h
Examining data/emboss-6.6.0+dfsg/nucleus/embpat.h
Examining data/emboss-6.6.0+dfsg/nucleus/embmol.h
Examining data/emboss-6.6.0+dfsg/nucleus/embprop.c
Examining data/emboss-6.6.0+dfsg/nucleus/embdomain.c
Examining data/emboss-6.6.0+dfsg/nucleus/embmisc.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdmx.h
Examining data/emboss-6.6.0+dfsg/nucleus/embcom.c
Examining data/emboss-6.6.0+dfsg/nucleus/embpatlist.h
Examining data/emboss-6.6.0+dfsg/nucleus/embmat.c
Examining data/emboss-6.6.0+dfsg/nucleus/embnmer.c
Examining data/emboss-6.6.0+dfsg/nucleus/embiep.h
Examining data/emboss-6.6.0+dfsg/nucleus/embword.c
Examining data/emboss-6.6.0+dfsg/nucleus/embshow.c
Examining data/emboss-6.6.0+dfsg/nucleus/embsig.h
Examining data/emboss-6.6.0+dfsg/nucleus/embgroup.c
Examining data/emboss-6.6.0+dfsg/nucleus/emboss.h
Examining data/emboss-6.6.0+dfsg/nucleus/embaln.h
Examining data/emboss-6.6.0+dfsg/nucleus/embpdb.c
Examining data/emboss-6.6.0+dfsg/nucleus/embnmer.h
Examining data/emboss-6.6.0+dfsg/nucleus/embread.c
Examining data/emboss-6.6.0+dfsg/nucleus/embest.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdata.c
Examining data/emboss-6.6.0+dfsg/nucleus/embsig.c
Examining data/emboss-6.6.0+dfsg/nucleus/embgroup.h
Examining data/emboss-6.6.0+dfsg/nucleus/embprop.h
Examining data/emboss-6.6.0+dfsg/nucleus/embpatlist.c
Examining data/emboss-6.6.0+dfsg/nucleus/embread.h
Examining data/emboss-6.6.0+dfsg/nucleus/embmat.h
Examining data/emboss-6.6.0+dfsg/nucleus/embmol.c
Examining data/emboss-6.6.0+dfsg/nucleus/embpat.c
Examining data/emboss-6.6.0+dfsg/nucleus/embexit.c
Examining data/emboss-6.6.0+dfsg/nucleus/embword.h
Examining data/emboss-6.6.0+dfsg/nucleus/embcom.h
Examining data/emboss-6.6.0+dfsg/nucleus/embdomain.h

FINAL RESULTS:

data/emboss-6.6.0+dfsg/plplot/plctrl.c:1396:17:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
    while ((n = readlink(p, buf, 1024)) > 0) {
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:64:9:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
#define chmod _chmod
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2921:5:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    chmod(filename,0755);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3062:2:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
	chmod(filename,0755);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:863:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fnidx, fn); strcat(fnidx, ".bai");
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:872:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(fnidx, fn);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:931:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fnidx, fn); strcat(fnidx, ".bai");
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:891:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(buf, fmt, va_arg(VA_V(ap), double));
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:1076:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(buf, yr);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:3548:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(val, ajStrGetPtr(t));
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:4140:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(*val, ajStrGetPtr(t));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:5333:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)lptr,"%s",ajStrGetPtr(id->id));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:5634:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)endptr,MAJSTRGETPTR(id->id));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:7398:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)keyptr,"%s",ajStrGetPtr(keys[i]));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:7506:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf((char *)keyptr,"%s",MAJSTRGETPTR(key));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:12142:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)lptr,"%s",ajStrGetPtr(pri->keyword));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:12340:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)endptr,MAJSTRGETPTR(keyword));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:13935:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf((char *)lptr,"%s",MAJSTRGETPTR(sec));
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:15208:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((char *)endptr,MAJSTRGETPTR(id));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:625:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:693:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:736:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->upw_passwd);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:781:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(epwd,shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:798:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(epwd,pwd->pw_passwd);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:804:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),epwd);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:844:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),pwd->pw_passwd);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:897:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),pwd->pw_passwd);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1747:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",EMBOSS_FORK,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1749:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(clemboss));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1751:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(envi));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1753:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1796:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",BATCH_FORK,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1798:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(clemboss));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1800:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(envi));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1802:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1842:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",MAKE_DIRECTORY,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1844:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1884:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",DELETE_FILE,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1886:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(ufile));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1927:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",RENAME_FILE,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1929:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(ufile));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1931:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(u2file));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1971:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",DELETE_DIR,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1973:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2013:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",LIST_FILES,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2015:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2055:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",LIST_DIRS,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2057:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2101:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",GET_FILE,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2103:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(file));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2189:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",PUT_FILE,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2191:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(file));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2294:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",SEQ_ATTRIB,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2296:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(usa));
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2336:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    n = sprintf(buf,"%d %s %s",SEQSET_ATTRIB,cuser,cpass);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2338:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(p,"%s",ajStrGetPtr(usa));
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1026:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	rc = sprintf(prefix, CRASH_PREFIX_FORMAT, MESG_TITLE,
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1029:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	rc = sprintf(prefix, FULL_CRASH_PREFIX_FORMAT, MESG_TITLE,
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1090:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	rc = sprintf(prefix, CRASH_PREFIX_FORMAT, MESG_TITLE,
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1093:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	rc = sprintf(prefix, FULL_CRASH_PREFIX_FORMAT, MESG_TITLE,
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1250:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	if(!strcpy(buf_ptr, prefix))
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1531:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if(sscanf(line,"%s %s",name,message)!=2)
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:6621:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(namInstallRoot, ajStrGetPtr(tmpstr));
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:6623:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(namInstallRoot,prefixRoot);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8511:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( nocountsymbols, defNocountSymbols);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8554:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		fprintf(outf, nameform, idword);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8559:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    fprintf(outf, numform, "");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8561:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    fprintf(outf, numform, ibase);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8630:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    fprintf(outf,numform, ibase-1);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8633:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    fprintf(outf, nameform,idword);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1443:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p,dupstr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1636:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1868:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1996:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2150:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2312:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2473:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2614:2:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execvp(ajStrGetPtr(pname), argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2770:2:  [4] (shell) execv:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execv(pgm, argptr);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:3367:2:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execvp(pgm, arglist);
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c:2390:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(aalist, newaa);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_internal.h:78:20:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DPRINTF(p) printf p
data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c:180:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(errbuf, "%s%s%-6d", message, addmessage, (int)preg->re_erroffset);
data/emboss-6.6.0+dfsg/ajax/zlib/gzguts.h:36:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#  define vsnprintf _vsnprintf
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:156:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(state->path, path);
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:514:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(state->msg, state->path);
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:516:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(state->msg, msg);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:319:11:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void)vsprintf(state->in, format, va);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:324:11:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    len = vsprintf(state->in, format, va);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:329:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    (void)vsnprintf(state->in, size, format, va);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:333:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    len = vsnprintf((char *)(state->in), size, format, va);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:393:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:398:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    len = sprintf(state->in, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:403:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:407:11:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    len = snprintf(state->in, size, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:201:18:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#    if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:203:18:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#         define vsnprintf _vsnprintf
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:250:39:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:251:39:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:252:40:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:253:48:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:254:49:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/emboss-6.6.0+dfsg/emboss/cirdna.c:1695:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
				sscanf( ajStrGetPtr(line), "%s", style );
data/emboss-6.6.0+dfsg/emboss/edialign.c:655:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(seq[i],ajSeqGetSeqC(pseq));
data/emboss-6.6.0+dfsg/emboss/edialign.c:674:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(seq_name[i],s_str);
data/emboss-6.6.0+dfsg/emboss/edialign.c:675:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(full_name[i],ajStrGetPtr(sname));
data/emboss-6.6.0+dfsg/emboss/edialign.c:711:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(mat_name,MATNAME);
data/emboss-6.6.0+dfsg/emboss/edialign.c:771:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( arguments[i] , argv[i] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:778:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( input_name , ajStrGetPtr(sname));
data/emboss-6.6.0+dfsg/emboss/edialign.c:801:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat( input_line , argv[i] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:809:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat( input_line , argv[i] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:818:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( seq_file , input_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:829:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( anc_name , input_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1127:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( printname , input_name);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1128:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( prn , printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1132:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( printname , output_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1133:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( prn , printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1137:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(prn2 , prn); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:1146:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(logname,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1149:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fsm_name , printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1154:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( pst_name , printname );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1160:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( dia_name , printname );  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1172:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( csc_name , printname );  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1179:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( dia_pa_name , printname );  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1195:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( mot_file_name , printname );  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1211:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( frag_file_name , printname );  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1421:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(itname,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1422:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(itname2,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1423:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(itname3,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1424:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(itname4,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1428:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(itname,str);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1431:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(itname2,str);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1494:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(itname,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1495:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(itname2,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1496:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(itname3,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1497:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(itname4,printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:1502:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(itname,str); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:1505:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(itname2,str); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:1729:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( dist_name , printname);
data/emboss-6.6.0+dfsg/emboss/edialign.c:3147:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( anc_file_name , file_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:5189:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( cap_file_name , input_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:5595:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( all_clades[i].name , seq_name[i] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:5691:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(string, all_clades[m1].name); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:5692:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(string,l_name[0]); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:5694:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(string, all_clades[m2].name); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:5695:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(string,l_name[1]); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:5698:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy( all_clades[m1].name , string ); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6023:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( exclude_file_name , file_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6102:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( str , str + pv );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6128:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( str , str + pv ) ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6232:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy( fsqn[ sn ] , line ) ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6280:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy( sqn[ 1 ] , sqn[ 0 ] ) ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6369:5:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if(fscanf( fp_mat, "%s\n", dummy) != 1)
data/emboss-6.6.0+dfsg/emboss/edialign.c:6481:2:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	sscanf(line,"%d %d %s", &len, &sum, str  );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6563:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( mat_file_name , file_name );
data/emboss-6.6.0+dfsg/emboss/edialign.c:7897:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy( output_name , arg[++an] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:8041:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy( mot_regex , arg[++an] );
data/emboss-6.6.0+dfsg/emboss/emowse.c:866:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s,ajStrGetPtr(rev));
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:457:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:494:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->upw_passwd);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:537:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(epwd,shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:553:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(epwd,pwd->pw_passwd);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:559:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),epwd);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:598:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),pwd->pw_passwd);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:667:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),shadow->sp_pwdp);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:726:9:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    p = crypt(ajStrGetPtr(password),pwd->pw_passwd);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1919:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dbuf,ajStrGetPtr(dir));
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3471:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf,file);
data/emboss-6.6.0+dfsg/emboss/lindna.c:1539:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
				sscanf(ajStrGetPtr(line), "%s", style);
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:930:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(constr,res);
data/emboss-6.6.0+dfsg/emboss/primers.c:365:13:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            execlp(ajStrGetPtr(program), "primer3_core", NULL);
data/emboss-6.6.0+dfsg/nucleus/embcom.c:222:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(SetSeqSim[i].Sqsim,seqsim);
data/emboss-6.6.0+dfsg/nucleus/embsig.c:4663:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(embSigprot, ajStrGetPtr(P));
data/emboss-6.6.0+dfsg/plplot/plargs.c:954:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(copy, myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1161:19:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	pager = (FILE *) popen("$PAGER", "w");
data/emboss-6.6.0+dfsg/plplot/plargs.c:1163:19:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	pager = (FILE *) popen("more", "w");
data/emboss-6.6.0+dfsg/plplot/plargs.c:1254:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(msg,"Incorrect argument to '%s' option", drvp->option);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1264:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(msg,"Incorrect argument to '%s' option", drvp->option);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1277:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(msg, "Option '%s' not recognized.\n\nRecognized options for this driver are:\n", drvp->option);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2093:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (plsc->plwindow, myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2115:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newcmd,myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2199:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (plsc->geometry, myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2252:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (plsc->tk_file, myoptarg);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1335:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(string, form, value);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1370:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(temp, form, value);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1371:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(string, temp);
data/emboss-6.6.0+dfsg/plplot/plcont.c:340:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(string, form, mant);
data/emboss-6.6.0+dfsg/plplot/plcont.c:342:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(string, tmpstring);
data/emboss-6.6.0+dfsg/plplot/plcont.c:356:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(string, form, value);
data/emboss-6.6.0+dfsg/plplot/plcore.c:688:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                    sprintf (buf, "UTF-8 string is malformed: %s%s",
data/emboss-6.6.0+dfsg/plplot/plcore.c:2231:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf (path, "%s/%s", drvdir, name);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2234:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	        sprintf (buf,
data/emboss-6.6.0+dfsg/plplot/plcore.c:2463:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(plsc->DevName, dispatch_table[dev - 1]->pl_DevName);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2522:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf( drvspec, "%s/%s", plGetDrvDir (), driver->drvnam );
data/emboss-6.6.0+dfsg/plplot/plcore.c:2542:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf( sym, "plD_dispatch_init_%s", tag );
data/emboss-6.6.0+dfsg/plplot/plcore.c:2732:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p_dev, plsc->DevName);
data/emboss-6.6.0+dfsg/plplot/plcore.c:3014:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p_ver, PLPLT_VERSION);
data/emboss-6.6.0+dfsg/plplot/plcore.c:3333:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(names,pls[i]->DevName);
data/emboss-6.6.0+dfsg/plplot/plcore.c:3337:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
          strcat(names,pls[i]->DevName);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1006:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(plsc->errmsg, "%s, aborting operation\n", errormsg);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1187:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, PLPLOT_BIN_ENV"=\"%s\"\n", dn); /* what IS set? */
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1204:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, PLPLOT_HOME_ENV"=\"%s\"\n",dn); /* what IS set? */
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1306:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, PLPLOT_LIB_ENV"=\"%s\"\n", dn); /* what IS set? */
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1323:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, PLPLOT_HOME_ENV"=\"%s\"\n",dn); /* what IS set? */
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1428:14:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	    return (access(p, X_OK));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1465:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(*filespec, dir);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1469:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*filespec, subdir);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1473:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*filespec, filename);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1619:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (tmp, "%s.%%0%1ii%s", pls->BaseName, (int) pls->fflen, pls->Ext);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1623:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (tmp, "%s%%0%1ii%s", prefix, (int) pls->fflen, suffix + 2);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1626:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(pls->FileName, tmp, pls->member);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1646:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pls->FileName, fnam);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1653:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pls->BaseName, fnam);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1673:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pls->FileName, fnam);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1674:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(&pls->FileName[strlen(fnam)], ext);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1681:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pls->BaseName, fnam);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1687:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pls->Ext, ext);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1896:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(dest, src);
data/emboss-6.6.0+dfsg/plplot/pldebug.h:81:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(stderr, fmt, args);
data/emboss-6.6.0+dfsg/plplot/plmap.c:109:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(filename,type);
data/emboss-6.6.0+dfsg/plplot/plmap.c:110:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(filename,MAP_FILE);
data/emboss-6.6.0+dfsg/plplot/tek.c:435:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(pls->OutFile, VECTOR_MODE);	/* Enter vector mode */
data/emboss-6.6.0+dfsg/plplot/tek.c:437:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(pls->OutFile, CLEAR_VIEW);/* erase and home */
data/emboss-6.6.0+dfsg/plplot/tek.c:458:18:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	pls->bytecnt += fprintf(pls->OutFile, VECTOR_MODE);
data/emboss-6.6.0+dfsg/plplot/tek.c:488:18:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	pls->bytecnt += fprintf(pls->OutFile, VECTOR_MODE);
data/emboss-6.6.0+dfsg/plplot/tek.c:516:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(pls->OutFile, CLEAR_VIEW);		/* erase and home */
data/emboss-6.6.0+dfsg/plplot/tek.c:538:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	   fprintf(pls->OutFile, CLEAR_VIEW);	/* erase and home */
data/emboss-6.6.0+dfsg/plplot/tek.c:689:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(GIN_MODE);
data/emboss-6.6.0+dfsg/plplot/tek.c:703:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(VECTOR_MODE);
data/emboss-6.6.0+dfsg/plplot/tek.c:742:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    pls->bytecnt += fprintf(pls->OutFile, VECTOR_MODE);
data/emboss-6.6.0+dfsg/plplot/tek.c:795:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	    printf(ALPHA_MODE);		/* enter alpha mode */
data/emboss-6.6.0+dfsg/plplot/tek.c:827:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   	    printf(CLEAR_VIEW);		/* clear screen */
data/emboss-6.6.0+dfsg/plplot/tek.c:1015:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(ALPHA_MODE);		/* Switch to alpha mode (necessary) */
data/emboss-6.6.0+dfsg/plplot/tek.c:1016:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(RING_BELL);		/* and ring bell */
data/emboss-6.6.0+dfsg/plplot/tek.c:1017:5:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    printf(VECTOR_MODE);	/* Switch out of alpha mode */
data/emboss-6.6.0+dfsg/plplot/xwin.c:1133:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(header, "%s", pls->plwindow);
data/emboss-6.6.0+dfsg/plplot/xwin.c:1136:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(header, "%s", pls->program); /* else program name */
data/emboss-6.6.0+dfsg/plplot/xwin.c:1139:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(header,"%s","Plplot");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:260:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(basedir,argv[1]);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:271:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(newbasedir,argv[2]);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:346:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(nucleusdir,"%s/nucleus",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:402:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/nucleus/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:405:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/nucleus",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:408:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:409:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:416:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/nucleus/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:419:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:421:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:441:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/pcre/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:444:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/pcre",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:448:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:450:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:456:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/pcre/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:459:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:461:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:470:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/expat/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:473:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/expat",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:476:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:478:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:484:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/expat/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:487:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:489:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:498:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/zlib/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:501:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/zlib",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:504:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:506:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:512:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/zlib/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:515:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:517:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:526:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/core/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:529:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/core",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:532:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:534:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:540:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/core/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:543:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:545:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:554:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/graphics/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:557:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/graphics",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:560:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:562:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:568:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/graphics/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:571:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:573:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:582:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/ensembl/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:585:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/ensembl",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:588:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:590:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:596:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/ensembl/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:599:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:601:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:610:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/ajaxdb/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:613:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/ajaxdb",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:616:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:618:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:624:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/ajaxdb/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:627:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:629:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:638:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/acd/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:641:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/acd",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:644:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:646:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:652:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/ajax/acd/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:655:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:657:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:668:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/ajax/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:671:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/ajax/core",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:674:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:676:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:696:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplot/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:699:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/plplot",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:702:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:704:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:710:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplot/*.c",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:713:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:715:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:722:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:725:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:727:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:733:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/*.cpp",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:736:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:738:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:745:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/gd/include/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:748:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:750:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:757:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/haru/include/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:760:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:762:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:769:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/plplot/eplplot*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:772:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/plplot",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:775:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:777:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:784:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/gd/lib/bgd.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:787:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/plplot/lib/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:790:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:792:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:799:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/plplot/lib/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:802:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:804:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:811:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/gd/lib/bgd.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:814:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:817:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:819:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:825:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:828:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:830:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:837:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/haru/lib/libharu.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:840:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/plplot/lib/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:843:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:845:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:851:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/plplot/lib/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:854:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:856:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:864:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/haru/lib/libharu.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:867:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:870:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:872:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:878:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplotwin/haru/lib/libharu.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:881:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:884:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:886:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:892:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/scripts/qatest.pl",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:895:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/scripts",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:898:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:900:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/scripts/qatest.bat",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:903:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/scripts",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:906:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:908:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:914:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:917:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:919:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:939:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/DLLs.*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:942:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:945:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:947:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:955:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/acd.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:958:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/acd",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:961:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:963:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:969:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/ajaxdb.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:972:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/ajaxdb",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:975:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:977:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:983:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/ajaxg.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:986:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/graphics",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:989:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:991:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:997:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/core.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1000:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/core",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1003:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1005:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1011:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/ensembl.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1014:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/ensembl",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1017:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1019:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1025:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/expat.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1028:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/expat",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1031:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1033:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1039:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/zlib.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1042:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/zlib",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1045:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1047:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1053:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/ajax/pcre.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1056:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/ajax/pcre",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1059:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1061:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1069:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/DLLs/nucleus/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1072:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/nucleus",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1075:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1077:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1096:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/emboss/data/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1099:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/data",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1102:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1104:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1110:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/plplot/lib/pl*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1113:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/data",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1116:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPFP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1118:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1124:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/misc/*.txt",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1127:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPFP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1129:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1135:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/misc/emboss.default",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1138:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/apps/release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1141:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPFP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1143:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1162:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/emboss/index/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1165:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/index",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1168:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1170:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1177:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/emboss/emboss.standard",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1180:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1183:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1185:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1191:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/emboss/server.*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1194:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1197:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1199:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1218:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/doc/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1221:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/doc",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1224:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPDFPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1226:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1245:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/jemboss/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1248:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/jemboss",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1251:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPDFPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1253:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1272:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/test/*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1275:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/test",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1278:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPDFPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1280:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1286:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(src,"%s/test/.embossrc",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1289:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/test",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1292:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPDFPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1294:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1313:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/scripts/qatest.pl",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1316:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/scripts",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1319:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CPDFPR,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1321:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1340:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Debug/*.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1343:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/mysql/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1346:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1348:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1354:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Debug/*.pdb",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1357:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1359:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1366:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Release/*.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1369:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/mysql/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1372:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1374:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1381:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Release/*.pdb",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1384:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1386:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1393:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/include/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1396:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/mysql/include",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1399:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1401:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1407:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/include/*.def",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1410:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1412:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1418:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/include/mysql/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1421:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/mysql/include/mysql",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1424:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1426:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1435:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Release/libmysql.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1438:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1441:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1443:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1449:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/mysql/Debug/libmysql.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1452:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1455:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1457:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1476:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/postgresql/Release/*.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1479:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/postgresql/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1482:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1484:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1490:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/postgresql/Release/*.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1493:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/postgresql/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1496:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1498:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1505:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/postgresql/include/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1508:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/postgresql/include",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1511:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1513:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1523:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/postgresql/Release/*.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1526:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1529:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1531:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1537:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/postgresql/Release/*.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1540:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1543:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1545:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1564:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/lib/*.lib",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1567:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/lib",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1570:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1572:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1579:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/lib/*.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1582:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/lib",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1585:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1587:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1595:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/include/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1598:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/include",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1601:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1603:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1612:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/include/platforms/*.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1615:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/include/platforms",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1618:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1620:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1629:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/include/platforms/windows/*.h",
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1633:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/include/platforms/windows",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1636:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1638:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1647:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/include/platforms/unix/*.h",
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1651:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/include/platforms/unix",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1654:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1656:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1665:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/modules/addressing/axis*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1668:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/modules/addressing",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1671:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1673:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1682:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/modules/addressing/module.xml",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1685:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/modules/addressing",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1688:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1690:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1699:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/modules/logging/axis*",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1702:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/modules/logging",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1705:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1707:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1716:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/modules/logging/module.xml",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1719:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c/modules/logging",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1722:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1724:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1731:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/axis2.xml",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1734:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/axis2c",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1737:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1739:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1749:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/lib/*.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1752:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1755:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1757:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1763:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/axis2c/lib/*.dll",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1766:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/DLLs/Debug",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1769:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1771:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1810:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc100,ev);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1812:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc100,def3);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1819:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(prompt,"%s",vc100);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1826:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/[mM]*",prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1829:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/redist",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1832:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1834:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1843:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc90,ev);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1845:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc90,def);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1852:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(prompt,"%s",vc90);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1858:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/[mM]*",prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1861:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1863:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1872:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc80,ev);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1874:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(vc80,def2);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1881:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(prompt,"%s",vc80);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1887:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/[mM]*",prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1890:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1892:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1910:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(zipfile,"%s/memboss-dev.zip",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1913:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"rm %s/memboss-dev.zip",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1914:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1923:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"find %s/win32build -name CVS -exec rm -rf {} \\; "
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1925:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(command);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1927:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"cd %s; zip -r memboss-dev win32build win32build/test/.embossrc >/dev/null 2>&1",
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1929:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1935:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"rm -rf %s/win32build",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1936:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2048:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(newdir,"%s/%s",newbasedir,dirs[i]);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2101:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(filename,"%s/%s",dir,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2217:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"sort %s > %s",fn, TMPFILE2);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2218:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(command);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2221:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/win32build/DLLs/ajax/core/%s",newbasedir,COREDEF);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2271:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"sort %s > %s",fn, TMPFILE2);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2272:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(command);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2275:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/win32build/DLLs/ajax/%s/%s",newbasedir,subdir,exportdef);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2320:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"sort %s > %s",fn, TMPFILE2);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2321:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(command);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2324:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/win32build/DLLs/nucleus/%s",newbasedir,NUCLEUSDEF);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2429:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dir,"%s/emboss",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2454:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(filename,"%s/%s",dir,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2499:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(src,"%s/%s",dir,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2502:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(dest,"%s/win32build/emboss",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2505:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2507:9:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2513:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(acdname,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2518:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(filename,"%s/acd/%s",dir,acdname);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2524:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(src,"%s/acd/%s",dir,acdname);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2527:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(dest,"%s/win32build/acd",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2530:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2532:9:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2544:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/acd/codes.english",dir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2547:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/acd",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2550:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2552:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2558:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/acd/*.standard",dir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2561:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2563:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2569:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(src,"%s/win32/exes/*.exe",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2572:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dest,"%s/win32build/apps/release",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2575:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s %s %s",CP,src,dest);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2577:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2603:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/emboss/Makefile.am",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2649:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(tmpstr,p);	
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2654:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(progname,"%s.c",p);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2660:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(progname,"%s.c",p);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2700:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmp->prog,progname);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2737:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(uida[i],"%x%s",uid,uidext);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2781:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(dir,"%s/win32build/emboss",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2823:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(filename,"%s",dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2826:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(pnames[i],filename);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2861:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(filename,"%s/win32build/apps/apps.sln",newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2945:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(filename,"%s/win32build/apps/emboss/%s",
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2965:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(filename,"%s/win32build/apps/emboss/%s/%s.vcxproj",newbasedir,
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2976:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(filename,"%s/win32/apps/template.vcxproj",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3058:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(filename,"%s/win32build/apps/emboss/%s/%s.vcxproj",newbasedir,
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3078:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(tline,rep);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3081:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(tline,p);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3094:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(defsdir,"%s/ajax/%s",basedir,subdir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3127:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(hfname,"%s/ajax/expat/expat.h",basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3230:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(hfname,"%s/ajax/zlib/zlib.h",basedir);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:113:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(earray[i++],dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:157:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:190:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:195:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(earray[i++],dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:231:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(bundledir,"%s",argv[1]);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:236:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(tarfile,gzfiles[i]);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:240:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"cd %s; gunzip %s; tar xf %s",bundledir,gzfiles[i],
data/emboss-6.6.0+dfsg/scripts/compembassy.c:243:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/compembassy.c:257:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"cd %s/%s; ./configure --prefix=%s; "
data/emboss-6.6.0+dfsg/scripts/compembassy.c:260:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/compembassy.c:266:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"cd %s; rm -rf %s; gzip %s",
data/emboss-6.6.0+dfsg/scripts/compembassy.c:269:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/makeam.c:116:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dirpath,path);
data/emboss-6.6.0+dfsg/scripts/makeam.c:134:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fullname,"%s%s",dirpath,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/makeam.c:183:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dirpath,path);
data/emboss-6.6.0+dfsg/scripts/makeam.c:202:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fullname,"%s%s",dirpath,dp->d_name);
data/emboss-6.6.0+dfsg/scripts/makeam.c:212:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy((*names)[i++],dp->d_name);
data/emboss-6.6.0+dfsg/scripts/makeam.c:260:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(line,names[pos++]);
data/emboss-6.6.0+dfsg/scripts/makeam.c:285:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(line,"\t%s",names[pos++]);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:90:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:123:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:128:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(earray[i++],dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:160:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(embassydir,"%s/embassy",argv[1]);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:163:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"cd %s; autoreconf -fi; ./configure",argv[1]);
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:164:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if(system(command))
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:175:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(command,"cd %s; cp -f %s %s/%s", argv[1],extra_dist[j],
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:177:16:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            if(system(command))
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:186:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"find %s/%s -name CVS | xargs rm -rf",embassydir,
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:188:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:194:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"find %s/%s -name .cvsignore | xargs rm -rf",
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:196:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:202:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(command,"cd %s/%s; autoreconf -fi; ./configure; make  dist;"
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:205:12:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        if(system(command))
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:189:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:219:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(fname,"%s/%s",dirname,dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:224:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(earray[i++],dresult->d_name);
data/emboss-6.6.0+dfsg/ajax/core/ajfiledata.c:199:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if((p=getenv("HOME")))
data/emboss-6.6.0+dfsg/ajax/core/ajfiledata.c:365:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if((p=getenv("HOME")))
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1519:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
				    getenv("EMBOSS_ROOT"));
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1902:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
                        getenv("HOME"), SLASH_STRING, debugtestname); 
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:4663:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    envval = getenv(name);
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:6741:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    prefixRoot= getenv("EMBOSSRC");
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:544:36:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        ajStrAssignC(&sysUserPath, getenv("PATH"));
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:746:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if(!(p = getenv("HOME")))
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1662:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1662:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1894:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1894:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2045:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2045:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2200:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2200:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2362:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2362:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2521:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2521:9:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if(!CreateProcess(NULL, (char *) cmdlinetxt, NULL, NULL, TRUE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2640:10:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if (!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2640:10:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    if (!CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, FALSE,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2888:11:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    ret = CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, TRUE, 0,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:2888:11:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    ret = CreateProcess(NULL, (char *)cmdlinetxt, NULL, NULL, TRUE, 0,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:3416:11:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    ret = CreateProcess(NULL, (char *)ajStrGetPtr(cmdstr), NULL, NULL, TRUE, 0,
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:3416:11:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    ret = CreateProcess(NULL, (char *)ajStrGetPtr(cmdstr), NULL, NULL, TRUE, 0,
data/emboss-6.6.0+dfsg/emboss/embossdata.c:162:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if((p = getenv("HOME")))
data/emboss-6.6.0+dfsg/emboss/tfm.c:86:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	    shellpager = getenv("PAGER");
data/emboss-6.6.0+dfsg/emboss/tfm.c:345:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if((root=getenv("EMBOSSCYGROOT")))
data/emboss-6.6.0+dfsg/nucleus/embcom.c:1459:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand((unsigned) time(&tm));
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:823:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char* sortProgDir = getenv("EMBOSS_ROOT");
data/emboss-6.6.0+dfsg/plplot/plargs.c:1160:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("PAGER") != NULL)
data/emboss-6.6.0+dfsg/plplot/plcore.c:2149:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      drvdir = getenv ("PLPLOT_DRV_DIR");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1183:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((dn = getenv(PLPLOT_BIN_ENV)) != NULL) {
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1200:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((dn = getenv(PLPLOT_HOME_ENV)) != NULL) {
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1300:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((dn = getenv(PLPLOT_LIB_ENV)) != NULL) {
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1318:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((dn = getenv(PLPLOT_HOME_ENV)) != NULL) {
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1807:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    ev = getenv("vc100files");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1840:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    ev = getenv("vc90files");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1869:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    ev = getenv("vc80files");    
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:21220:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char underline[256];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajdas.h:159:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajdas.h:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DbName[24];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:166:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Release[12];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:167:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Date[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:220:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:249:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:360:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajfeatdb.c:1241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[8]; /* ajReadbinCharTrim needs space for trailing null */
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:161:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DbName[24];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Release[12];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Date[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:216:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:245:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:356:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:644:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char aa_btoa[27] = {"-ARNDCQEGHILKMFPSTWYVBZX*"};
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:645:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char aa_btoa2[27]= {"-ABCDEFGHIKLMNPQRSTVWXYZ*"};
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajseqdb.c:1388:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[8]; /* ajReadbinCharTrim needs space for trailing null */
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:153:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:215:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DbName[24];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:216:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Release[12];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:217:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Date[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:297:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:345:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:484:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:526:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:2379:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[8]; /* ajReadbinCharTrim needs space for trailing null */
data/emboss-6.6.0+dfsg/ajax/ajaxdb/ajtextdb.c:6141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lenbuff[8] = "0000";
data/emboss-6.6.0+dfsg/ajax/core/ajalign.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajarch.h:180:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define fopen(a,b) (FILE*)fopen64(a,b)
data/emboss-6.6.0+dfsg/ajax/core/ajarr.c:52:20:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    return (void *)bcopy (src, dst, len);
data/emboss-6.6.0+dfsg/ajax/core/ajassemdata.h:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajassemdata.h:469:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajassemread.c:1534:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&cigint, &d[dpos], 4);
data/emboss-6.6.0+dfsg/ajax/core/ajassemwrite.c:533:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bam_nt16_table[256] =
data/emboss-6.6.0+dfsg/ajax/core/ajassemwrite.c:606:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dpos, ajStrGetPtr(r->Name), c->l_qname);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:702:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char magic[4];
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:863:24:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcpy(fnidx, fn); strcat(fnidx, ".bai");
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:864:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(fnidx, "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:874:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    fp = fopen(fnidx, "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:931:24:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcpy(fnidx, fn); strcat(fnidx, ".bai");
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:933:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fpidx = fopen(fnidx, "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:71:55:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static AjBool codTripletAdd (const AjPCod thys, const char residue,
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:72:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			     char triplet[4]);
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:535:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4] = "NNN";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:550:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(codon, "---");
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:554:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(codon,"NNN");
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:576:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(codon,"TGA");
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:607:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			     const char residue, char triplet[4])
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:607:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			     const char residue, char triplet[4])
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2279:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char ret[4] = "AAA";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2495:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="GGG";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2602:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="GGG";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2719:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="GGG";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2809:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="GGG";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2890:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="GGG";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:2960:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="AAA";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.c:3040:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char codon[4]="TTT";
data/emboss-6.6.0+dfsg/ajax/core/ajcod.h:102:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdan.h:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdmx.h:181:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdom.h:170:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char  Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdom.h:194:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdom.h:201:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdomain.c:152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdomain.c:187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdomain.h:192:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajdomain.h:293:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[3];
data/emboss-6.6.0+dfsg/ajax/core/ajdomain.h:348:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajexcept.h:98:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfeatdata.h:195:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfeatdata.h:234:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfeatdata.h:336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char          Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfeatdata.h:420:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char              Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajfeatread.c:274:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:89:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define fopen(a,b) ajSysFuncFopen(a,b)
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1228:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen("NUL", "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1231:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(thys->Name), "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1411:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen("NUL", "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1414:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(thys->Name), "rb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1499:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1599:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1735:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(name), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1738:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(name), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1799:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            thys->fp = fopen("NUL", "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1802:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            thys->fp = fopen(ajStrGetPtr(name), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1821:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(fileDirfixTmp), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1887:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            thys->fp = fopen("NUL", "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1890:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            thys->fp = fopen(ajStrGetPtr(name), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1907:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(fileDirfixTmp), "wb");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1958:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen("NUL", "ab");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:1961:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        thys->fp = fopen(ajStrGetPtr(name), "ab");
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:3194:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:3293:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:7113:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:7439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:7645:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:7837:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:7958:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:8070:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:8181:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:8387:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent)+MAXNAMLEN];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.h:314:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfile.h:354:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:392:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[43];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:495:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[43];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:574:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[43];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:653:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[43];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:754:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[43];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:864:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[DBL_MAX_10_EXP + 1 + 1 + 99 + 1];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:880:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        static char fmt[12] = "%.dd";
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:1052:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[280];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:1053:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char yr[280];
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2509:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[EVF_BUF];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:1329:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    cache->fp = fopen(MAJSTRGETPTR(cache->filename),mode);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:14168:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    cache->fp = fopen(MAJSTRGETPTR(cache->filename),mode);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:31641:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char nodetypebuf[512];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:31667:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(nodetypebuf, "unknown (%u)", nodetype);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:31673:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(nodetypebuf, "unknown (%u)", nodetype);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:190:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:219:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:248:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:317:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:650:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:707:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJINT(p,v) (memcpy((void*)v,(const void*)p,sizeof(ajint)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:708:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJUINT(p,v) (memcpy((void*)v,(const void*)p,sizeof(ajuint)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:709:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJLONG(p,v) (memcpy((void*)v,(const void*)p,sizeof(ajlong)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:710:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJULONG(p,v) (memcpy((void*)v,(const void*)p,sizeof(ajulong)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:711:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_SETAJINT(p,v) (memcpy((void*)p,(const void*)&v,sizeof(ajint)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:712:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_SETAJUINT(p,v) (memcpy((void*)p,(const void*)&v,sizeof(ajuint)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:713:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_SETAJLONG(p,v) (memcpy((void*)p,(const void*)&v,sizeof(ajlong)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:714:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_SETAJULONG(p,v) (memcpy((void*)p,(const void*)&v,sizeof(ajulong)))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:716:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJINT(p,v) memcpy((void*)v,(const void*)p,sizeof(ajint)); \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:718:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJUINT(p,v) memcpy((void*)v,(const void*)p,sizeof(ajuint)); \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:720:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJLONG(p,v) memcpy((void*)v,(const void*)p,sizeof(ajlong)); \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:722:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define BT_GETAJULONG(p,v) memcpy((void*)v,(const void*)p,sizeof(ajulong)); \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:725:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)p,(const void*)&v,sizeof(ajint))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:727:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)p,(const void*)&v,sizeof(ajuint))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:729:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)p,(const void*)&v,sizeof(ajlong))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:731:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)p,(const void*)&v,sizeof(ajulong))
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:755:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKNODETYPE(p,v) (memcpy((void*)v,                         \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:758:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKNENTRIES(p,v) (memcpy((void*)v,                         \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:761:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKOVERFLOW(p,v) (memcpy((void*)v,                         \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:765:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKNODETYPE(p,v) memcpy((void*)v,                          \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:769:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKNENTRIES(p,v) memcpy((void*)v,                          \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:773:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BUCKOVERFLOW(p,v) memcpy((void*)v,                          \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:785:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_BUCKNODETYPE(p,v) (memcpy((void*)PBT_BUCKNODETYPE(p),       \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:787:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_BUCKNENTRIES(p,v) (memcpy((void*)PBT_BUCKNENTRIES(p),       \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:789:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_BUCKOVERFLOW(p,v) (memcpy((void*)PBT_BUCKOVERFLOW(p),       \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:793:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_BUCKNODETYPE(p),                  \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:796:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_BUCKNENTRIES(p),                  \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:799:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_BUCKOVERFLOW(p),                  \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:829:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_NODETYPE(p,v) (memcpy((void*)v,(const void*)PBT_NODETYPE(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:831:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BLOCKNUMBER(p,v) (memcpy((void*)v,(const void*)PBT_BLOCKNUMBER(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:833:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_NKEYS(p,v) (memcpy((void*)v,(const void*)PBT_NKEYS(p),      \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:835:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_TOTLEN(p,v) (memcpy((void*)v,(const void*)PBT_TOTLEN(p),    \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:837:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_LEFT(p,v) (memcpy((void*)v,(const void*)PBT_LEFT(p),        \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:839:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_RIGHT(p,v) (memcpy((void*)v,(const void*)PBT_RIGHT(p),      \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:841:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_PREV(p,v) (memcpy((void*)v,(const void*)PBT_PREV(p),        \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:843:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_OVERFLOW(p,v) (memcpy((void*)v,(const void*)PBT_OVERFLOW(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:846:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_NODETYPE(p,v) memcpy((void*)v,(const void*)PBT_NODETYPE(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:849:30:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_BLOCKNUMBER(p,v) memcpy((void*)v,(const void*)PBT_BLOCKNUMBER(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:852:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_NKEYS(p,v) memcpy((void*)v,(const void*)PBT_NKEYS(p),       \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:855:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_TOTLEN(p,v) memcpy((void*)v,(const void*)PBT_TOTLEN(p),     \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:858:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_LEFT(p,v) memcpy((void*)v,(const void*)PBT_LEFT(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:862:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_RIGHT(p,v) memcpy((void*)v,(const void*)PBT_RIGHT(p),       \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:865:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_PREV(p,v) memcpy((void*)v,(const void*)PBT_PREV(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:868:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define GBT_OVERFLOW(p,v) memcpy((void*)v,(const void*)PBT_OVERFLOW(p), \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:879:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_NODETYPE(p,v) (memcpy((void*)PBT_NODETYPE(p),(const void*)&v, \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:881:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_BLOCKNUMBER(p,v) (memcpy((void*)PBT_BLOCKNUMBER(p),         \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:883:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_NKEYS(p,v) (memcpy((void*)PBT_NKEYS(p),(const void*)&v,     \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:885:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_TOTLEN(p,v) (memcpy((void*)PBT_TOTLEN(p),(const void*)&v,   \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:887:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_LEFT(p,v) (memcpy((void*)PBT_LEFT(p),               \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:889:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_RIGHT(p,v) (memcpy((void*)PBT_RIGHT(p),                     \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:891:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_PREV(p,v) (memcpy((void*)PBT_PREV(p),               \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:893:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SBT_OVERFLOW(p,v) (memcpy((void*)PBT_OVERFLOW(p),               \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:897:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_NODETYPE(p),(const void*)&v,      \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:900:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_BLOCKNUMBER(p),                   \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:903:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_NKEYS(p),(const void*)&v, \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:906:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_TOTLEN(p),(const void*)&v,        \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:909:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_LEFT(p),                  \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:912:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_RIGHT(p),                 \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:915:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_PREV(p),                  \
data/emboss-6.6.0+dfsg/ajax/core/ajindex.h:918:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void*)PBT_OVERFLOW(p),              \
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2216:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    n = sprintf(buf,"%d",size);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2239:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 	memcpy((void *)buf,(const void *)&fbuf[pos],JBUFFLEN);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2254:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void *)buf,(const void *)&fbuf[pos],size-pos);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2667:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void *)ptr,(const void *)buf,nread);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2703:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void *)ptr,(const void *)buf,nread);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2743:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void *)ptr,(const void *)buf,nread);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2787:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void *)ptr,(const void *)buf,nread);
data/emboss-6.6.0+dfsg/ajax/core/ajmem.h:62:26:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define ajMemMove(d,s,l) bcopy(s,d,l)
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:46:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define fopen(a,b) ajSysFuncFopen(a,b)
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:174:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char messbuf[BUFSIZE];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:630:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char dumpbuf[BUFSIZE];   /* BEWARE limited buffer size. */
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1012:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char prefix[1024];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1078:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char prefix[1024];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1476:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if((fp = fopen(errfile,"r")))
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1504:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[512];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1505:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[12];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1506:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[200];
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1514:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(messErrorFile,"r");
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1520:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(messErrorFile,"r");
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:143:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char namInstallRoot[MAX_PATH];
data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h:148:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[5];
data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h:194:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h:237:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajnexus.h:445:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajobodata.h:339:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpat.h:88:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpat.h:212:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpat.h:260:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpat.h:298:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[2];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:324:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[1];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:379:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[7];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:484:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:522:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:561:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:599:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[3];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:633:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:721:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/core/ajpdb.h:779:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdbio.c:157:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/core/ajpdbio.c:191:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajpdbio.c:2533:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pdbn[6];               /* Residue number */
data/emboss-6.6.0+dfsg/ajax/core/ajphylo.h:90:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajphylo.h:153:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajphylo.h:236:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajquerydata.h:322:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajrange.h:82:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajrefseqdata.h:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajreport.h:152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajresourcedata.h:289:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseq.h:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.c:67:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pabi[5];
data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.c:710:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(ajlong)];
data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.c:746:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(ajlong)];
data/emboss-6.6.0+dfsg/ajax/core/ajseqabi.c:780:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[sizeof(ajshort)];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:51:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define open _open
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:89:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char bam_nt16_table[256] =
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:124:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[2];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:125:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[2];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:146:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[6];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:158:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char *bamGetAux(const AjPSeqBam b, const char tag[2]);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:158:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char *bamGetAux(const AjPSeqBam b, const char tag[2]);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:168:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static AjPTable       bamHeaderTotable(const AjPList _dict, const char type[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:169:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                      const char key_tag[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:170:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                      const char value_tag[2]);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:513:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:649:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&n, s + 1, 4);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1172:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(path, oflag);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1185:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open(path, oflag, 0666);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1487:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((unsigned char*)fp->uncompressed_block,
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1637:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(fp->uncompressed_block, p->block, AJSEQBAM_MAX_BLOCK_SIZE);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1683:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p->block, fp->uncompressed_block, AJSEQBAM_MAX_BLOCK_SIZE);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1711:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char header[AJSEQBAM_BLOCK_HEADER_LENGTH];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1748:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(compressed_block, header, AJSEQBAM_BLOCK_HEADER_LENGTH);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1834:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(output, buffer + fp->block_offset, copy_length);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:1934:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer + fp->block_offset, input, copy_length);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2018:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char magic[28] = "\037\213\010\4\0\0\0\0\0\377\6\0"
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2020:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[28];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2069:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bambuf [4] = "   ";
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2324:60:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static AjPTable bamHeaderTotable(const AjPList dict, const char type[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2325:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 const char key_tag[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2326:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                                 const char value_tag[2])
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2425:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*lineptr,text,len);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2791:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tag->value,value_from,len+1);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2838:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ajSeqBamAuxAppend(AjPSeqBam b, const char tag[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2853:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(b->data + ori_len + 3, data, len);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:2871:58:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char* bamGetAux(const AjPSeqBam b, const char tag[2])
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.h:247:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[5];
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.h:460:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void ajSeqBamAuxAppend(AjPSeqBam b, const char tag[2],
data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h:302:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h:342:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h:559:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h:699:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqdata.h:899:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:338:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:610:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char version[4];         /* "version.revision", eg '3' '.' '0' '0' */
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:660:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char spare[3];         /* Spare */
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:713:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:4715:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:10235:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&cigint, &d[dpos], 4);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:193:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char endstr[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:194:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char leftstr[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:195:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[2];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:2150:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[4];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:3730:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n///");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:3788:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "*\n");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:3976:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:4166:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:4605:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:4800:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:5581:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:5940:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:6283:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:6626:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:6957:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7006:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->leftstr, "##");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7139:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char bam_nt16_table[256] =
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7227:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dpos, ajStrGetPtr(outseq->Name), core->l_qname);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7240:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dpos, ajStrGetPtr(qualstr), ilen);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7500:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\n//");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7833:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(sf->endstr, "\"\n      } } ,");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8458:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[1024];			/* the output line */
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8460:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nameform[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8461:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char numform[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8462:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nocountsymbols[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8504:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(nameform, "%%%u.%us ",sf->namewidth,sf->namewidth);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8507:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(numform, "%%%us ",sf->numwidth);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8509:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(numform, "%%%ud",sf->numwidth);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:9860:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char numform[20];
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:9870:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(numform, "%d", seqlen);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:72:20:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    return (void *)bcopy(src, dst, len);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:89:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char charNULL[1] = "";
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:2157:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char txt[2] = " ";
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3747:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpstr[2] = "?";
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:5174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6485:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6587:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:7068:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:7165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:7210:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filter[256] = {'\0'};		/* should make all zero */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9352:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fmt[12];
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9361:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "%%.%df", precision);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9390:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fmt[12];
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9399:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "%%.%de", precision);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9427:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fmt[12];
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9436:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "%%.%df", precision);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:9547:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    thys->Len = sprintf(thys->Ptr, "%u", val);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:10023:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char filter[256];
data/emboss-6.6.0+dfsg/ajax/core/ajstr.h:177:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:53:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define open     _open
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:751:5:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    TCHAR wpath[MAX_PATH];
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:806:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hdbuff[MAX_PATH];
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:947:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cbuf[1024];
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:950:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    from = open(name, O_RDONLY);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:958:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    to = open(name2, O_WRONLY|O_CREAT, 0644);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1383:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	ret = fopen(ajStrGetPtr(fname),flags);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1387:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      ret = fopen(name,flags);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1389:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	ret = fopen(name,flags);
data/emboss-6.6.0+dfsg/ajax/core/ajtaxdata.h:187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajtextdata.h:255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajtime.h:80:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c:2305:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char aalist[65] = "";
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c:2451:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char store[2];
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c:2475:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char store[2];
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.h:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char GC[16][16][16];
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.h:139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Starts[16][16][16];
data/emboss-6.6.0+dfsg/ajax/core/ajtree.h:115:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajurldata.h:175:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:357:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:402:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[2];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:447:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[2];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:492:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[4];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:537:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[4];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:582:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:627:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:669:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:711:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:753:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:795:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[8];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:1158:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char chars[sizeof(ajint)];
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:1225:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nameBuf[UNLEN+1];
data/emboss-6.6.0+dfsg/ajax/core/ajvar.c:809:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char numberfield[128] = {' ', '\0'};
data/emboss-6.6.0+dfsg/ajax/core/ajvar.c:820:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(numberfield, "%d", var->Number);
data/emboss-6.6.0+dfsg/ajax/core/ajvarbcf.c:113:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char magic[4];
data/emboss-6.6.0+dfsg/ajax/core/ajvarbcf.c:253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *tmp[5];
data/emboss-6.6.0+dfsg/ajax/core/ajvardata.h:312:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.c:703:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(h->sname, ajStrGetPtr(smpl), h->l_smpl);
data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.c:776:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((void*)b->str, ajStrGetPtr(str), b->l_str);
data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.c:983:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(h->sname, ajStrGetPtr(smpl), h->l_smpl);
data/emboss-6.6.0+dfsg/ajax/core/ajvarwrite.c:1059:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((void*)b->str, ajStrGetPtr(str), b->l_str);
data/emboss-6.6.0+dfsg/ajax/core/ajxmldata.h:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ensembl/ensprediction.h:109:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcalignment.h:113:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/ensembl/ensqcvariation.h:189:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:89:24:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define memmove(d,s,l) bcopy((s),(d),(l))
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:208:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  XML_Bool open;
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:1537:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buffer, end, nLeftOver);
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:1553:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buff, s, len);
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:1666:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(newBuf, &bufferPtr[-keep], bufferEnd - bufferPtr + keep);
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:1678:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(newBuf, bufferPtr, bufferEnd - bufferPtr);
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:2019:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rawNameBuf, tag->rawName, tag->rawNameLength);
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:2272:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (entity->open)
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:2932:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(uri, binding->uri, binding->uriLen * sizeof(XML_Char));
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:2941:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(uri, localPart, i * sizeof(XML_Char));
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:2946:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(uri + 1, binding->prefix->name, prefixLen * sizeof(XML_Char));
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:3049:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(b->uri, uri, len * sizeof(XML_Char));
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:3300:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char encodingBuf[128];
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:4413:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (entity->open)
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:4947:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (entity->open) {
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:5034:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (entity->open) {
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:5444:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!e->open)
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:6122:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(pool->blocks->s, pool->start,
data/emboss-6.6.0+dfsg/ajax/expat/xmlparse.c:6158:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(tem->s, pool->start,
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:188:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char type[256];
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:960:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1];
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:995:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  char open;
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:1054:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (c == open)
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:1262:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char utf8[256][4];
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:1307:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[XML_UTF8_ENCODE_MAX];
data/emboss-6.6.0+dfsg/ajax/expat/xmltok.c:1364:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((char *)mem)[i] = ((char *)&latin1_encoding)[i];
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:576:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        int open;
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:587:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          switch (open) {
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:604:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          if (t == open)
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:940:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
PREFIX(scanLit)(int open, const ENCODING *enc,
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:951:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if (t != open)
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_impl.c:1500:60:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                   || BYTE_TYPE(enc, ptr + MINBPC(enc)) == open))
data/emboss-6.6.0+dfsg/ajax/expat/xmltok_ns.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[ENCODING_MAX];
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:562:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char xopt[15] = " ";
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:563:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char yopt[15] = " ";
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:8380:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[1024];
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:9925:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char textchar[2];
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraphstruct.h:87:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraphstruct.h:152:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/ajax/graphics/ajhist.h:110:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/ajax/pcre/pcre.h:247:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char padding[4];
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:840:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char name[32];
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3043:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pbits, cbits + posix_class_maps[posix_class],
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3663:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(code, classbits, 32);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3688:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(code, classbits, 32);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3781:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(utf8_char, lastchar, c); /* Save the char */
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3930:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(code, utf8_char, c & 7);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3955:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(code, utf8_char, c & 7);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:3985:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(code, utf8_char, c & 7);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:4182:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(code, previous, len);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:4248:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(code, previous, len);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:4829:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(slot + 2, name, namelen);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_dfa_exec.c:426:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(new_states, active_states, new_count * sizeof(stateblock));
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_exec.c:1091:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(new_recursive.offset_save, md->offset_vector,
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_exec.c:1122:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md->offset_vector, new_recursive.offset_save,
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_exec.c:1316:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(md->offset_vector, rec->offset_save,
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_exec.c:4996:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(offsets + 2, md->offset_vector + 2,
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_get.c:244:1:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(buffer, subject + ovector[stringnumber], yield);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_get.c:333:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, subject + ovector[i], len);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_get.c:401:1:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(substring, subject + ovector[stringnumber], yield);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_internal.h:278:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define memcpy(d,s,n)    _memcpy(d,s,n)
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_internal.h:291:26:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define memmove(a, b, c) bcopy(b, a, c)
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_study.c:583:1:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(study->start_bits, start_bits, sizeof(start_bits));
data/emboss-6.6.0+dfsg/ajax/zlib/crc32.c:163:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        out = fopen("crc32.h", "w");
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:32:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[1024];
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:61:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "unknown win32 error (%ld)", error);
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:160:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        open(path,
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:221:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(path, "<fd:%d>", fd);   /* for debugging */
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:515:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(state->msg, ": ");
data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c:216:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(state->next + state->have, strm->next_in, strm->avail_in);
data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c:405:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, state->next, n);
data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c:457:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c:589:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, state->next, n);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:194:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(strm->next_in + strm->avail_in, buf, n);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:225:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/emboss-6.6.0+dfsg/ajax/zlib/inflate.c:607:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hbuf[4];      /* buffer for gzip header crc calculation */
data/emboss-6.6.0+dfsg/ajax/zlib/inflate.c:1350:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[4];       /* to restore bit buffer to byte string */
data/emboss-6.6.0+dfsg/ajax/zlib/trees.c:335:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *header = fopen("trees.h", "w");
data/emboss-6.6.0+dfsg/ajax/zlib/zlibemboss.h:13:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define open _open
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.c:14:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char * const z_errmsg[10] = {
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:43:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:101:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
     fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:175:30:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#  define F_OPEN(name, mode) fopen((name), (mode))
data/emboss-6.6.0+dfsg/ajax/zlib/zutil.h:234:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#    define zmemcpy memcpy
data/emboss-6.6.0+dfsg/emboss/abiview.c:427:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res[2];
data/emboss-6.6.0+dfsg/emboss/abiview.c:477:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res[2];
data/emboss-6.6.0+dfsg/emboss/banana.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char residue[2];
data/emboss-6.6.0+dfsg/emboss/chaos.c:46:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[40];
data/emboss-6.6.0+dfsg/emboss/chaos.c:118:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"A %d",a);
data/emboss-6.6.0+dfsg/emboss/chaos.c:120:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"C %d",c);
data/emboss-6.6.0+dfsg/emboss/chaos.c:122:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"T %d",t);
data/emboss-6.6.0+dfsg/emboss/chaos.c:124:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"G %d",t);
data/emboss-6.6.0+dfsg/emboss/chaos.c:126:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"N %d",n);
data/emboss-6.6.0+dfsg/emboss/chaos.c:130:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"%cA %3.2f",'%',((float)a/(float)len)*
data/emboss-6.6.0+dfsg/emboss/chaos.c:133:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"%cC %3.2f",'%',((float)c/(float)len)*
data/emboss-6.6.0+dfsg/emboss/chaos.c:136:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"%cT %3.2f",'%',((float)t/(float)len)*
data/emboss-6.6.0+dfsg/emboss/chaos.c:139:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"%cG %3.2f",'%',((float)g/(float)len)*
data/emboss-6.6.0+dfsg/emboss/chaos.c:142:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(line,"%cN %3.2f",'%',((float)n/(float)len)*
data/emboss-6.6.0+dfsg/emboss/cutgextract.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  Padding[4];
data/emboss-6.6.0+dfsg/emboss/dbiblast.c:195:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/emboss/dbiblast.c:224:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/emboss/dbiblast.c:408:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[4] =
data/emboss-6.6.0+dfsg/emboss/dbiblast.c:1694:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dest, &mf->Mem[mf->Pos], i);
data/emboss-6.6.0+dfsg/emboss/dbifasta.c:151:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[4] =
data/emboss-6.6.0+dfsg/emboss/dbiflat.c:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[4] =
data/emboss-6.6.0+dfsg/emboss/dbigcg.c:221:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date[4] =
data/emboss-6.6.0+dfsg/emboss/dbxgcg.c:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/emboss/diffseq.c:59:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[3];
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ptr[10];
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:356:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%d",b1-1);
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:361:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",len1+b1-1);
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:369:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%d",(ajint)k2+b1-1);
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:385:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%d",b2-1);
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:390:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",len2+b2-1);
data/emboss-6.6.0+dfsg/emboss/dotmatcher.c:397:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%d",(ajint)k2+b2-1);
data/emboss-6.6.0+dfsg/emboss/dotpath.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ptr[10];
data/emboss-6.6.0+dfsg/emboss/dotpath.c:161:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",ajSeqGetOffset(seq1));
data/emboss-6.6.0+dfsg/emboss/dotpath.c:166:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",len1+ajSeqGetOffset(seq1));
data/emboss-6.6.0+dfsg/emboss/dotpath.c:173:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%u",(ajint)k+ajSeqGetOffset(seq1));
data/emboss-6.6.0+dfsg/emboss/dotpath.c:196:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",ajSeqGetOffset(seq2));
data/emboss-6.6.0+dfsg/emboss/dotpath.c:201:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ptr,"%u",len2+ajSeqGetOffset(seq2));
data/emboss-6.6.0+dfsg/emboss/dotpath.c:208:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%u",(ajint)k+ajSeqGetOffset(seq2));
data/emboss-6.6.0+dfsg/emboss/dottup.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ptr[10];
data/emboss-6.6.0+dfsg/emboss/dottup.c:180:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%u",ajSeqGetOffset(seq1));
data/emboss-6.6.0+dfsg/emboss/dottup.c:185:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%d",end1);
data/emboss-6.6.0+dfsg/emboss/dottup.c:192:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(ptr,"%d",(ajint)k);
data/emboss-6.6.0+dfsg/emboss/dottup.c:215:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%u",ajSeqGetOffset(seq2));
data/emboss-6.6.0+dfsg/emboss/dottup.c:220:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(ptr,"%d",end2);
data/emboss-6.6.0+dfsg/emboss/dottup.c:227:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(ptr,"%d",(ajint)k);
data/emboss-6.6.0+dfsg/emboss/edamclean.c:202:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *FIELDS[NFIELDS] =
data/emboss-6.6.0+dfsg/emboss/edamclean.c:223:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *RELATIONS[NRELATIONS] =
data/emboss-6.6.0+dfsg/emboss/edamclean.c:250:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *NAMESPACES[NNAMESPACES] =
data/emboss-6.6.0+dfsg/emboss/edamclean.c:278:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *OTHER[NOTHER] =
data/emboss-6.6.0+dfsg/emboss/edialign.c:86:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *mot_char[ MAX_REGEX ] ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:120:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char pst_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:123:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char prn[ NAME_LEN ] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:128:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char input_line[ NAME_LEN ];
data/emboss-6.6.0+dfsg/emboss/edialign.c:129:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char input_parameters[ NAME_LEN ];
data/emboss-6.6.0+dfsg/emboss/edialign.c:131:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char clust_sim[NAME_LEN] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:161:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *newseq[MAX_SEQNUM];   /* sequences */
data/emboss-6.6.0+dfsg/emboss/edialign.c:210:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char amino_acid[22];
data/emboss-6.6.0+dfsg/emboss/edialign.c:219:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char par_dir[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:225:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char mat_name[NAME_LEN];     /* name of file containing similarity matrix */
data/emboss-6.6.0+dfsg/emboss/edialign.c:226:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char mat_name_p[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:227:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char anc_name[NAME_LEN];  /* anchored regions */
data/emboss-6.6.0+dfsg/emboss/edialign.c:228:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char seq_file[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:229:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char input_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:230:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tmp_str[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:231:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char output_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:232:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char printname[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:233:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char gl_mot_regex[MAX_REGEX] ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:272:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char dia_pa_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:273:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char frag_file_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:274:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char mot_file_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:295:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/edialign.c:315:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  Padding[4];
data/emboss-6.6.0+dfsg/emboss/edialign.c:461:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/edialign.c:562:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[NAME_LEN], dist_name[NAME_LEN]; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:563:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char par_str[NAME_LEN];  
data/emboss-6.6.0+dfsg/emboss/edialign.c:565:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char prn2[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:566:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char logname[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:567:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fsm_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:568:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dia_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:569:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char csc_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:570:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char itname[NAME_LEN], itname2[NAME_LEN], itname3[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:571:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char itname4[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:572:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dialign_dir[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:604:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s_str[SEQ_NAME_LEN+3];
data/emboss-6.6.0+dfsg/emboss/edialign.c:699:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(clust_sim,"max");
data/emboss-6.6.0+dfsg/emboss/edialign.c:701:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(clust_sim,"min");
data/emboss-6.6.0+dfsg/emboss/edialign.c:703:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(clust_sim, "av");    
data/emboss-6.6.0+dfsg/emboss/edialign.c:720:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy ( dialign_dir , "DIALIGN2_DIR" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:799:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy( input_line , "program parameters:  " ) ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:807:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy( input_line , "program call:  " ) ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:830:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat( anc_name , ".anc" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:973:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(par_str,"sdfsdf");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1140:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(prn,".ali");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1142:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(prn2,".fa");  
data/emboss-6.6.0+dfsg/emboss/edialign.c:1147:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(logname,".log");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1150:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(fsm_name,".fsm");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1155:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( pst_name,".sta");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1161:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( dia_name , ".afc" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1162:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_dia = fopen( dia_name , "w" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1173:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( csc_name , ".csc" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1174:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_csc = fopen( csc_name , "w" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1180:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( dia_pa_name , ".fop" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1182:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_dpa = fopen( dia_pa_name , "w" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1196:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( mot_file_name , ".mot" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1197:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_mot = fopen( mot_file_name , "w" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1212:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( frag_file_name , ".frg" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1213:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_frg = fopen( frag_file_name , "w" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:1383:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_log = fopen(logname,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1389:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_fsm = fopen(fsm_name,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1425:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,".ali");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1430:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str,".fa");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1435:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(itname3,".ms");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1439:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(itname4,".cw");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1468:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp3 = fopen(itname3,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1471:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp4 = fopen(itname4,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1498:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str,".ali");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1504:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str,".fa");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1508:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(itname3,".ms"); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:1512:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(itname4,".cw"); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:1624:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			    fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:1730:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dist_name , ".dst");
data/emboss-6.6.0+dfsg/emboss/edialign.c:3136:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char anc_file_name[NAME_LEN];
data/emboss-6.6.0+dfsg/emboss/edialign.c:3139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[10000];
data/emboss-6.6.0+dfsg/emboss/edialign.c:3148:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat( anc_file_name , ".anc" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:3150:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if((fp = fopen( anc_file_name, "r")) == NULL)
data/emboss-6.6.0+dfsg/emboss/edialign.c:3320:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:3387:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_dpa = fopen( dia_pa_name , "a" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:3930:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		    fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:4025:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    if( ( nd_fp = fopen("nd_file","a")) == NULL)    
data/emboss-6.6.0+dfsg/emboss/edialign.c:4699:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:4753:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:5177:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cap_file_name[ NAME_LEN ] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:5190:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat( cap_file_name , ".cap" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:5191:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp_cap = fopen( cap_file_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:5210:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp_st = fopen( pst_name ,"w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:5548:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char l_name[2][20];   
data/emboss-6.6.0+dfsg/emboss/edialign.c:5683:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( l_name[k],":%f", branch_len[k]);
data/emboss-6.6.0+dfsg/emboss/edialign.c:6013:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char exclude_file_name[ NAME_LEN ];
data/emboss-6.6.0+dfsg/emboss/edialign.c:6015:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[ 10000 ];
data/emboss-6.6.0+dfsg/emboss/edialign.c:6024:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat( exclude_file_name , ".xfr" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6026:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( (fp = fopen( exclude_file_name, "r")) == NULL)
data/emboss-6.6.0+dfsg/emboss/edialign.c:6156:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[ MAX_INPUT_LINE ] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6158:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( (fp = fopen( seq_file , "r")) == NULL)
data/emboss-6.6.0+dfsg/emboss/edialign.c:6200:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static ajint edialign_seq_read(char *seq_file, char *sq[MAX_SEQNUM] ,
data/emboss-6.6.0+dfsg/emboss/edialign.c:6200:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static ajint edialign_seq_read(char *seq_file, char *sq[MAX_SEQNUM] ,
data/emboss-6.6.0+dfsg/emboss/edialign.c:6203:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[ MAX_INPUT_LINE ] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6210:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( (fp = fopen( seq_file , "r")) == NULL)
data/emboss-6.6.0+dfsg/emboss/edialign.c:6257:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	sq[ i ]  = ( char * ) calloc( max_char[ i ] + 1 , sizeof ( char ) );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6277:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	sq[ 1 ]  = ( char * ) calloc( max_char[ 0 ] + 1 , sizeof ( char ) );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6286:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( (fp = fopen( seq_file , "r")) == NULL) 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6342:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MLINE], dummy[MLINE];
data/emboss-6.6.0+dfsg/emboss/edialign.c:6408:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MLINE];
data/emboss-6.6.0+dfsg/emboss/edialign.c:6413:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[MLINE] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6522:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mat_file_name[ NAME_LEN ] ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6564:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat( mat_file_name , ".mat" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6566:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp_mat = fopen( mat_file_name, "w") ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:6691:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen("weight_table","w");
data/emboss-6.6.0+dfsg/emboss/edialign.c:7803:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy (clust_sim , "max" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:7806:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy (clust_sim , "min" );
data/emboss-6.6.0+dfsg/emboss/edialign.c:7919:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		max_itnum = atoi( arg[++an] ); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:7937:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		lmax = atoi( arg[++an] ); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:7956:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		plot_num = atoi( arg[++an] ); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:7977:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		thr_sim_score = atoi( arg[++an] );
data/emboss-6.6.0+dfsg/emboss/edialign.c:8284:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((f = fopen(nomfich, mode)) == NULL) 
data/emboss-6.6.0+dfsg/emboss/edialign.c:8326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[TAILLE_MAX_LIGNE_FICHIER];
data/emboss-6.6.0+dfsg/emboss/edialign.c:8503:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	mot_char[p] = (char *) calloc(char_num[p], sizeof(char));
data/emboss-6.6.0+dfsg/emboss/einverted.c:354:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(t1, &revmatch[(ajint)sq[i]][seqlength-i],
data/emboss-6.6.0+dfsg/emboss/embossupdate.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpver[512] = {'\0'};
data/emboss-6.6.0+dfsg/emboss/embossversion.c:41:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpver[512] = {'\0'};
data/emboss-6.6.0+dfsg/emboss/emma.c:494:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char ext[2] = "A";
data/emboss-6.6.0+dfsg/emboss/emowse.c:87:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/etandem.c:79:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char letter[5]  = "acgtn" ;
data/emboss-6.6.0+dfsg/emboss/garnier.c:199:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char aa[MAXSQ] = {"ARNDCQEGHILKMFPSTWYVBZX"};
data/emboss-6.6.0+dfsg/emboss/garnier.c:309:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char nt[MAXSQ]={"ACGTURYMWSKDHVBNX"};
data/emboss-6.6.0+dfsg/emboss/helixturnhelix.c:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/histogramtest.c:46:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[20];
data/emboss-6.6.0+dfsg/emboss/histogramtest.c:125:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"number %d",i);
data/emboss-6.6.0+dfsg/emboss/histogramtest.c:127:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"sequence %d",i);
data/emboss-6.6.0+dfsg/emboss/histogramtest.c:129:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"y value for %d",i);
data/emboss-6.6.0+dfsg/emboss/isochore.c:44:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/isochore.c:67:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/jaspscan.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[7];
data/emboss-6.6.0+dfsg/emboss/jaspscan.c:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[7];
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1011:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char timstr[TIMEBUFFER];
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1333:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if(!(fp=fopen(".finished","w")))
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1350:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if(!(fp=fopen("stderrfile","w")))
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:2920:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if((fd=open(ajStrGetPtr(file),O_RDONLY))==-1)
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3181:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void *)&fbuf[sofar],(const void *)buf,mlen);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3223:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if((fd=open(ajStrGetPtr(file),O_CREAT|O_WRONLY|O_TRUNC,0644))<0)
data/emboss-6.6.0+dfsg/emboss/matcher.c:238:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/pepnet.c:257:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char cs[2];
data/emboss-6.6.0+dfsg/emboss/pepwheel.c:283:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char cs[2];
data/emboss-6.6.0+dfsg/emboss/plotorf.c:69:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *ftit[6]=
data/emboss-6.6.0+dfsg/emboss/polydot.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ptr[10];
data/emboss-6.6.0+dfsg/emboss/polydot.c:169:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(ptr,"%d",(ajint)k);
data/emboss-6.6.0+dfsg/emboss/polydot.c:187:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(ptr,"%d",(ajint)k);
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res[2] = " ";
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res[2]=" ";
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1102:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char numberstring[10];
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1196:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(numberstring,"%d",seqcount[j]);
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1204:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(numberstring,"%d",k);
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1290:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(numberstring,"%d",seqcount[j]);
data/emboss-6.6.0+dfsg/emboss/prettyplot.c:1298:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(numberstring,"%d",k);
data/emboss-6.6.0+dfsg/emboss/prettyseq.c:171:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tri[4];
data/emboss-6.6.0+dfsg/emboss/primersearch.c:80:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/primersearch.c:117:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/recoder.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/recoder.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[6];
data/emboss-6.6.0+dfsg/emboss/recoder.c:560:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbase[4];
data/emboss-6.6.0+dfsg/emboss/remap.c:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/emboss/showalign.c:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/showorf.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tri[4];
data/emboss-6.6.0+dfsg/emboss/silent.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/emboss/silent.c:95:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[2];
data/emboss-6.6.0+dfsg/emboss/treetypedisplay.c:61:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp[7];
data/emboss-6.6.0+dfsg/emboss/treetypedisplay.c:78:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp,"line %d",i);
data/emboss-6.6.0+dfsg/emboss/twofeat.c:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  Padding[4];
data/emboss-6.6.0+dfsg/emboss/wobble.c:76:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *ftit[6]=
data/emboss-6.6.0+dfsg/emboss/wordfinder.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:991:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  const char date[4])
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:994:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char padding[256];
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:1166:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			 const char date[4],  ajuint maxfilelen, ajuint nfiles,
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:1579:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			    const char date[4], const AjPStr indexdir,
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:1781:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			   const char date[4], const AjPStr indexdir,
data/emboss-6.6.0+dfsg/nucleus/embdbi.c:1927:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void embDbiDateSet(const AjPStr datestr, char date[4])
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:127:48:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
void      embDbiDateSet (const AjPStr datestr, char date[4]);
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:149:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			const char date[4]);
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:177:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				const char date[4], const AjPStr indexdir,
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:198:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				 const char date[4], const AjPStr indexdir,
data/emboss-6.6.0+dfsg/nucleus/embdbi.h:204:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			       const char date[4],
data/emboss-6.6.0+dfsg/nucleus/embdmx.h:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embest.c:587:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[256];
data/emboss-6.6.0+dfsg/nucleus/embest.c:598:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(format, "%%%dS %%6d ", namelen );
data/emboss-6.6.0+dfsg/nucleus/embest.c:673:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char number[30];
data/emboss-6.6.0+dfsg/nucleus/embest.c:681:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(number," %d ", intron_width );
data/emboss-6.6.0+dfsg/nucleus/embest.c:876:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char diagonal_path[4]      = { 1, 4, 16, 64 };
data/emboss-6.6.0+dfsg/nucleus/embest.c:877:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char delete_est_path[4]    = { 2, 8, 32, 128 };
data/emboss-6.6.0+dfsg/nucleus/embest.c:878:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char delete_genome_path[4] = { 3, 12, 48, 192 };
data/emboss-6.6.0+dfsg/nucleus/embest.c:879:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char mask[4]               = { 3, 12, 48, 192 };
data/emboss-6.6.0+dfsg/nucleus/embest.c:891:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dbgmsg[512] = "<undefined>\n";
data/emboss-6.6.0+dfsg/nucleus/embest.c:1055:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sprintf(dbgmsg,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1065:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sprintf(dbgmsg,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1087:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			    sprintf(dbgmsg,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1107:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			    sprintf(dbgmsg,
data/emboss-6.6.0+dfsg/nucleus/embindex.h:218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embmat.h:94:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embnmer.c:140:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char store[2];
data/emboss-6.6.0+dfsg/nucleus/embnmer.c:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char store[2];
data/emboss-6.6.0+dfsg/nucleus/embpat.c:223:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char match2[2] = " ";
data/emboss-6.6.0+dfsg/nucleus/embpat.c:852:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char ch[2];
data/emboss-6.6.0+dfsg/nucleus/embpat.h:111:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embpat.h:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embprop.h:128:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embprop.h:160:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embshow.h:182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embshow.h:302:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embshow.h:404:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embsig.h:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embsig.h:383:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char    Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embword.c:1872:33:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                                memcpy(tmp, text+i-plen, plen);
data/emboss-6.6.0+dfsg/nucleus/embword.h:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/nucleus/embword.h:101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding[4];
data/emboss-6.6.0+dfsg/plplot/gd.c:257:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char Padding[3];
data/emboss-6.6.0+dfsg/plplot/gd.c:260:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char Padding[3];
data/emboss-6.6.0+dfsg/plplot/ljii.c:63:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char mask[8] =
data/emboss-6.6.0+dfsg/plplot/ljiip.c:83:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char mask[8] =
data/emboss-6.6.0+dfsg/plplot/ljiip.c:335:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char _HUGE t_buf[BPROW*2];
data/emboss-6.6.0+dfsg/plplot/pdfutils.c:79:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char new_mode[3];
data/emboss-6.6.0+dfsg/plplot/pdfutils.c:106:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	pdfs->file = fopen(filename, mode);
data/emboss-6.6.0+dfsg/plplot/pdfutils.c:826:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bitrep[33];
data/emboss-6.6.0+dfsg/plplot/plargs.c:171:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char opttmp[OPTMAX];
data/emboss-6.6.0+dfsg/plplot/plargs.c:650:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *argv[3];
data/emboss-6.6.0+dfsg/plplot/plargs.c:986:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	*(int *)tab->var = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1232:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[80];
data/emboss-6.6.0+dfsg/plplot/plargs.c:1618:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    width = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1700:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->ncol0 = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1717:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->ncol1 = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1933:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->member = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1951:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->finc = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1969:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->fflen = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2041:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plsc->bufmax = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2114:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(newcmd,"tcl_cmd=");
data/emboss-6.6.0+dfsg/plplot/plargs.c:2155:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plssub(atoi(myoptarg), -1);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2172:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    plssub(-1, atoi(myoptarg));
data/emboss-6.6.0+dfsg/plplot/plargs.c:2209:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	xwid = atoi (field);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2216:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	ywid = atoi (field);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2230:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	xoff = atoi (field);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2232:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    yoff = atoi (field);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2315:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    comp = atoi(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plbox.c:634:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char string[40];
data/emboss-6.6.0+dfsg/plplot/plbox.c:761:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string, "(x10#u%d#d)", (int) scale);
data/emboss-6.6.0+dfsg/plplot/plbox.c:846:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char string[40];
data/emboss-6.6.0+dfsg/plplot/plbox.c:981:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string, "(x10#u%d#d)", (int) scale);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1170:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char string[40];
data/emboss-6.6.0+dfsg/plplot/plbox.c:1230:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string, "(x10#u%d#d)", (int) xscale);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1281:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string, "(x10#u%d#d)", (int) yscale);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1333:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char form[10];
data/emboss-6.6.0+dfsg/plplot/plbox.c:1334:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(form, "%%.%df", ABS(exponent));
data/emboss-6.6.0+dfsg/plplot/plbox.c:1338:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(string, "%d", (int) value);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1345:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string, "10#u%d", (int) ROUND(value));
data/emboss-6.6.0+dfsg/plplot/plbox.c:1353:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char form[10], temp[30];
data/emboss-6.6.0+dfsg/plplot/plbox.c:1369:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(form, "%%.%df", (int) prec);
data/emboss-6.6.0+dfsg/plplot/plbuf.c:155:22:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    pls->plbufFile = tmpfile();
data/emboss-6.6.0+dfsg/plplot/plbuf.c:514:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plbuf.c:515:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(buffer, "rdbuf_state: Invalid color map entry: %d", (int) icol0);
data/emboss-6.6.0+dfsg/plplot/plbuf.c:894:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, (U_CHAR *)pls->plbuf_buffer + pls->plbuf_readpos, buf_size);
data/emboss-6.6.0+dfsg/plplot/plbuf.c:954:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((U_CHAR *)pls->plbuf_buffer + pls->plbuf_top, buf, buf_size);
data/emboss-6.6.0+dfsg/plplot/plbuf.c:987:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/plplot/plbuf.c:1071:37:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
        if((plot_state->plbufFile = tmpfile()) == NULL) {
data/emboss-6.6.0+dfsg/plplot/plbuf.c:1106:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if(memcpy(plot_state->plbuf_buffer, pls->plbuf_buffer, pls->plbuf_top ) == NULL) {
data/emboss-6.6.0+dfsg/plplot/plcont.c:306:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   form[10], tmpstring[15];
data/emboss-6.6.0+dfsg/plplot/plcont.c:339:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(form, "%%.%df", prec-1);
data/emboss-6.6.0+dfsg/plplot/plcont.c:341:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstring, "#(229)10#u%d", exponent);
data/emboss-6.6.0+dfsg/plplot/plcont.c:355:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(form, "%%.%df", (int) prec);
data/emboss-6.6.0+dfsg/plplot/plcont.c:558:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  flabel[30];
data/emboss-6.6.0+dfsg/plplot/plcore.c:441:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char padding[6];	/* pmr: padding to align */
data/emboss-6.6.0+dfsg/plplot/plcore.c:686:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[80];
data/emboss-6.6.0+dfsg/plplot/plcore.c:1851:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	memset((char *) pls[ipls], 0, sizeof(PLStream));
data/emboss-6.6.0+dfsg/plplot/plcore.c:1877:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    memset((char *) pls[ipls], 0, sizeof(PLStream));
data/emboss-6.6.0+dfsg/plplot/plcore.c:2114:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char currdir[256];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[300];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2203:16:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    fp_drvdb = tmpfile ();
data/emboss-6.6.0+dfsg/plplot/plcore.c:2226:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char path[300];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2227:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[300];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2232:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fd = fopen (path, "r");
data/emboss-6.6.0+dfsg/plplot/plcore.c:2309:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        seq     = atoi(seqstr);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2318:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        dispatch_table[n]->pl_type = atoi(devtype);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2385:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char response[80];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2454:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    if ((dev = atoi(response)) < 1) {
data/emboss-6.6.0+dfsg/plplot/plcore.c:2479:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sym[60];
data/emboss-6.6.0+dfsg/plplot/plcore.c:2521:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char drvspec[ 400 ];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:119:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:120:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "plcol0: Invalid color map entry: %d", (int) icol0);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:150:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:151:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "plcol1: Invalid color map position: %f", (PLFLT) col1);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:206:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:207:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "plscol0: Illegal color table value: %d", (int) icol0);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:212:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:213:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "plscol0: Invalid RGB color: %d, %d, %d",
data/emboss-6.6.0+dfsg/plplot/plctrl.c:245:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:246:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "plgcol0: Invalid color index: %d", (int) icol0);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:277:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:278:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "plscmap0: Invalid RGB color: %d, %d, %d",
data/emboss-6.6.0+dfsg/plplot/plctrl.c:312:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:313:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "plscmap1: Invalid RGB color: %d, %d, %d",
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1004:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(plsc->errmsg, "\n*** PLPLOT ERROR ***\n");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1391:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024], *cp;
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1548:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1589:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((pls->OutFile = fopen(pls->FileName, "wb+")) == NULL)
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1608:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1609:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char prefix[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1832:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1839:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	m = atoi(line);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1863:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[256];
data/emboss-6.6.0+dfsg/plplot/plhershey-unicode.h:46:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char Padding[7];
data/emboss-6.6.0+dfsg/plplot/plmap.c:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[100];
data/emboss-6.6.0+dfsg/plplot/plmap.c:99:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char n_buff[2], buff[800];
data/emboss-6.6.0+dfsg/plplot/plmeta.c:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/plplot/plmeta.c:71:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char buffer[256];
data/emboss-6.6.0+dfsg/plplot/plmeta.c:415:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "UpdatePrevPagehdr (plmeta.c): fsetpos to fwbyte_offset (%d) failed",
data/emboss-6.6.0+dfsg/plplot/plmeta.c:440:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "UpdatePrevPagehdr (plmeta.c): fsetpos to fwbyte_offset (%d) failed",
data/emboss-6.6.0+dfsg/plplot/plmeta.c:455:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "UpdatePrevPagehdr (plmeta.c): fsetpos to cp_offset (%d) failed",
data/emboss-6.6.0+dfsg/plplot/plmeta.c:483:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "UpdateIndex (plmeta.c): fsetpos to index_offset (%d) failed",
data/emboss-6.6.0+dfsg/plplot/plmeta.c:495:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buffer, "UpdateIndex (plmeta.c): fsetpos to cp_offset (%d) failed",
data/emboss-6.6.0+dfsg/plplot/plplot.h:319:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[PL_MAXKEY];	/* translated string */
data/emboss-6.6.0+dfsg/plplot/plplot.h:358:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/plplot/plplot.h:385:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding[4];
data/emboss-6.6.0+dfsg/plplot/plplot.h:412:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char Padding[5];		/* pmr:padding to boundary */
data/emboss-6.6.0+dfsg/plplot/plplotP.h:118:9:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
#define tmpfile w32_tmpfile
data/emboss-6.6.0+dfsg/plplot/plplotP.h:381:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char padding[7];		/* pad to align */
data/emboss-6.6.0+dfsg/plplot/plplotP.h:535:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding1[4];
data/emboss-6.6.0+dfsg/plplot/plplotP.h:541:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char padding[5];		/* pad to align */
data/emboss-6.6.0+dfsg/plplot/plplotP.h:581:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding1[4];
data/emboss-6.6.0+dfsg/plplot/plplotP.h:587:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding1[4];
data/emboss-6.6.0+dfsg/plplot/plstripc.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *legline[PEN];
data/emboss-6.6.0+dfsg/plplot/plstripc.c:298:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy( &stripc->x[j][0], &stripc->x[j][istart], (stripc->npts[j])*sizeof(PLFLT));
data/emboss-6.6.0+dfsg/plplot/plstripc.c:299:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy( &stripc->y[j][0], &stripc->y[j][istart], (stripc->npts[j])*sizeof(PLFLT));
data/emboss-6.6.0+dfsg/plplot/plstrm.h:508:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  padding1[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:527:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DevName[80];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:528:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding2[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:538:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding3[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:549:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding4[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:592:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding5[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:600:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char Padding6[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:641:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char padding[7];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:696:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding7[4];
data/emboss-6.6.0+dfsg/plplot/plstrm.h:718:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char Padding8[4];
data/emboss-6.6.0+dfsg/plplot/plsym.c:56:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static signed char xygrid[STLEN];
data/emboss-6.6.0+dfsg/plplot/plunicode-type1.h:30:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char Padding[3];
data/emboss-6.6.0+dfsg/plplot/ps.c:69:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char  outbuf[128];
data/emboss-6.6.0+dfsg/plplot/ps.c:400:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(outbuf, "%d %d D", xx2, yy2);
data/emboss-6.6.0+dfsg/plplot/ps.c:409:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(outbuf, "%d %d A", xx1, yy1);
data/emboss-6.6.0+dfsg/plplot/ps.c:411:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(outbuf, "%d %d M %d %d D", xx1, yy1, xx2, yy2);
data/emboss-6.6.0+dfsg/plplot/ps.c:648:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(outbuf, "%d %d M", x, y);
data/emboss-6.6.0+dfsg/plplot/ps.c:667:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(outbuf, "%d %d D", x, y);
data/emboss-6.6.0+dfsg/plplot/ps.c:724:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *strp, str[PROC_STR_STRING_LENGTH], *cur_strp, 
data/emboss-6.6.0+dfsg/plplot/ps.c:738:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char  *fonts[PROC_STR_STRING_LENGTH];
data/emboss-6.6.0+dfsg/plplot/tek.c:153:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *kermit_color[15]= {
data/emboss-6.6.0+dfsg/plplot/tek.c:414:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fillcol[4];
data/emboss-6.6.0+dfsg/plplot/tek.c:679:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char input_string[MAX_GIN];
data/emboss-6.6.0+dfsg/plplot/tek.c:718:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fillcol[4], firstpoint[5];
data/emboss-6.6.0+dfsg/plplot/tek.c:949:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c[5];
data/emboss-6.6.0+dfsg/plplot/tek.c:965:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tek_col[4], tek_r[4], tek_g[4], tek_b[4];
data/emboss-6.6.0+dfsg/plplot/xwin.c:1089:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char header[1024];
data/emboss-6.6.0+dfsg/plplot/xwin.c:2341:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/plplot/xwin.c:3199:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[256];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char prog[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:245:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char basedir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newbasedir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:247:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nucleusdir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:348:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp=fopen(TMPFILE,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:398:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:399:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:400:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest [MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:435:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:436:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:691:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:692:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:693:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:933:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:934:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:935:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1091:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1092:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1093:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1157:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1159:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1213:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1214:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1215:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1240:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1242:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1267:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1268:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1269:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1308:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1310:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1335:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1337:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1471:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1472:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1473:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1559:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1560:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1561:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1785:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1786:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char prompt[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1799:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char vc80[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1800:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char vc90[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1801:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char vc100[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1802:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1803:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1907:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1908:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char zipfile[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1954:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newdir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2081:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2122:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tline[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2131:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(filename,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2213:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2214:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2215:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2224:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outf = fopen(filename,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2239:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(TMPFILE2,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2267:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2268:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2269:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2278:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outf = fopen(filename,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2289:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf=fopen(TMPFILE2,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2316:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2317:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2318:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2327:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outf = fopen(filename,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2344:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(TMPFILE2,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2413:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2416:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2417:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char acdname[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char src[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2420:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dest[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2516:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(acdname,".acd");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2593:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2595:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2596:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpstr[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2597:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char progname[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2606:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp=fopen(filename,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2752:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2753:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2844:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2864:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp=fopen(filename,"w");    
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2932:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2937:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2938:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tline[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2969:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	outf = fopen(filename,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2979:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	inf = fopen(filename,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3090:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char defsdir[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3097:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(TMPFILE,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hfname[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3130:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(TMPFILE,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3151:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tline[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3158:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(filename,"r");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3226:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hfname[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3233:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(TMPFILE,"w");
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tline[MAXNAMLEN];
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3261:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(filename,"r");    
data/emboss-6.6.0+dfsg/scripts/compembassy.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent) + MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:131:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:132:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent) + MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char bundledir[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:212:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tarfile[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/compembassy.c:213:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dirpath[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fullname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:159:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dirpath[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:160:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fullname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:227:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/makeam.c:241:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(line,"pkgdata_DATA =");
data/emboss-6.6.0+dfsg/scripts/makeam.c:243:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(line,"pkgdata%d_DATA =",*npackages);
data/emboss-6.6.0+dfsg/scripts/makeam.c:266:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(line," \\");		
data/emboss-6.6.0+dfsg/scripts/makeam.c:282:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(line," \\");
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent) + MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char embassydir[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/mkembassy.c:146:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char command[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:67:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:75:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(issname,"rb");
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:122:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    inf = fopen(issname,"rb");
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:166:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[MAXPATHLEN];
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:167:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[sizeof(struct dirent) + MAXPATHLEN];
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:6559:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajint ilen = strlen(type);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:6616:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajint ilen = strlen(key);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:12903:41:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    acdQualToInt(thys, "pmismatch", 0, &mismatch, &acdTmpStr);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:12911:8:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(mismatch < 0)
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:12915:15:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    patname, mismatch, type, isprotein);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:12952:19:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				   isprotein, mismatch);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:21226:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    j = strlen(title);
data/emboss-6.6.0+dfsg/ajax/acd/ajacd.c:21792:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    k = strlen(attrib);
data/emboss-6.6.0+dfsg/ajax/core/ajalign.c:2316:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    data->LenAli = AJMIN(strlen(seqa), strlen(seqb));
data/emboss-6.6.0+dfsg/ajax/core/ajalign.c:2316:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    data->LenAli = AJMIN(strlen(seqa), strlen(seqb));
data/emboss-6.6.0+dfsg/ajax/core/ajassem.h:100:48:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
AjPList ajAssemreadSetAlignblocks(AjPAssemRead read);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:851:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	l = strlen(_fn);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:862:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fnidx = (char*)calloc(strlen(fn) + 5, 1);
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:870:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (s == fn + strlen(fn) - 3)
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:873:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    fnidx[strlen(fn)-1] = 'i';
data/emboss-6.6.0+dfsg/ajax/core/ajbamindex.c:930:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fnidx = (char*)calloc(strlen(fn) + 5, 1);
data/emboss-6.6.0+dfsg/ajax/core/ajbase.c:725:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    l1 = strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajbase.c:726:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    l2 = strlen(q);
data/emboss-6.6.0+dfsg/ajax/core/ajbase.c:1235:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    l1 = strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajbase.c:1236:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    l2 = strlen(q);
data/emboss-6.6.0+dfsg/ajax/core/ajdom.c:1236:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(strlen(qualname))
data/emboss-6.6.0+dfsg/ajax/core/ajdom.c:1493:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(map && strlen(name))
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:3478:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajuint ilen = strlen(name);
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:3610:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    noteposcolon = strlen(tname) + 1;
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:3611:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    noteposvalue = strlen(tname) + 3;
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:6447:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if(ajStrGetLen(typstr) == strlen(types[i]) + 15)
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:6456:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if(ajStrGetLen(typstr) == strlen(types[i]) + 14)
data/emboss-6.6.0+dfsg/ajax/core/ajfeat.c:6465:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    if(ajStrGetLen(typstr) == strlen(types[i]) + 16)
data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c:2946:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    left = strlen(prefix);
data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c:3027:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    left = strlen(prefix);
data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c:3113:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    left = strlen(prefix);
data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c:4453:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(tag)==0)
data/emboss-6.6.0+dfsg/ajax/core/ajfeatwrite.c:4783:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(strlen(cp)>0)
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:5268:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    ajStrGetLen(line->Line), strlen(ajStrGetPtr(line->Line)),
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:5273:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    ajStrGetLen(line->Line), strlen(ajStrGetPtr(line->Line)),
data/emboss-6.6.0+dfsg/ajax/core/ajfile.c:6440:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(txt[strlen(txt)-1] == SLASH_CHAR)
data/emboss-6.6.0+dfsg/ajax/core/ajfileio.c:267:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            jlen = strlen(&buff[ipos]);
data/emboss-6.6.0+dfsg/ajax/core/ajfileio.c:272:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	jlen = strlen(&buff[ipos]);
data/emboss-6.6.0+dfsg/ajax/core/ajfileio.c:539:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sp = &buffer[strlen(buffer)];
data/emboss-6.6.0+dfsg/ajax/core/ajfileio.c:1457:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(txt) + 1;
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:353:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ajFmtPuts(str, strlen(str), put, cl, flags,
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:898:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajFmtPutd(buf, strlen(buf), put, cl, flags,
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:1073:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        lenyr = strlen(yr);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:1082:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajFmtPuts(&buf[0], strlen(buf), put, cl, flags,
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2543:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2595:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2626:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        ipc = getc(stream);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2648:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2668:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        ipc = getc(stream);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2690:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2712:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        ipc = getc(stream);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2733:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2751:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2768:39:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                            if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2808:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2842:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        ipc = getc(stream);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2858:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2885:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                        if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2898:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                    if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2946:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                ipc = getc(stream);
data/emboss-6.6.0+dfsg/ajax/core/ajfmt.c:2959:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            if((ipc = getc(stream)) == EOF)
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:863:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen = strlen(nametxt);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:1291:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if(idirtxt[strlen(idirtxt)-1] == SLASH_CHAR)
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:8252:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if(idirtxt[strlen(idirtxt)-1] == SLASH_CHAR)
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:8346:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        else if(idirtxt[strlen(idirtxt)-1] == SLASH_CHAR)
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:11984:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	codeptr += (strlen((const char *)codeptr) + 1);
data/emboss-6.6.0+dfsg/ajax/core/ajindex.c:14131:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if(idirtxt[strlen(idirtxt)-1] == SLASH_CHAR)
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1462:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1472:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1492:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1503:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1523:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    nread = read(outpipe[0],(void *)buf,AJ_OUTBUF);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1536:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    nread = read(errpipe[0],(void *)buf,AJ_OUTBUF);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1553:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	nread = read(outpipe[0],(void *)buf,AJ_OUTBUF);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:1567:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	nread = read(errpipe[0],(void *)buf,AJ_OUTBUF);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2424:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2434:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2454:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2466:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2489:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2508:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2532:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2553:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2662:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2675:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2698:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2713:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2738:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2758:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2782:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:2802:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:5703:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		while((got=read(rchan,p,n-(p-buf)))==-1 && errno==EINTR);
data/emboss-6.6.0+dfsg/ajax/core/ajjava.c:5744:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((got=read(rchan,p,n-(p-buf)))==-1 && errno==EINTR);
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:638:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(mesg_buf, "\n"); /* assume we are writing to a file */
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1228:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	prefix_len = strlen(prefix);
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:1298:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strcmp((path + strlen(path) - 1), path_delim) != 0)
data/emboss-6.6.0+dfsg/ajax/core/ajmess.c:2054:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	jlen = strlen(&buff[ipos]);
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:1369:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    attrlen = strlen(attribute);
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:1635:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    attrlen = strlen(attribute);
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:2061:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    attrlen = strlen(attribute);
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:8119:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(!strlen(attr->Defval))
data/emboss-6.6.0+dfsg/ajax/core/ajnam.c:8980:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(!strlen(attr->Defval))
data/emboss-6.6.0+dfsg/ajax/core/ajpat.c:154:15:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				   ajuint mismatch)
data/emboss-6.6.0+dfsg/ajax/core/ajpat.c:171:23:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    pthis->Mismatch = mismatch;
data/emboss-6.6.0+dfsg/ajax/core/ajpat.c:821:10:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
					    mismatch);
data/emboss-6.6.0+dfsg/ajax/core/ajpat.c:832:22:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			ajStrToUint(name,&mismatch);
data/emboss-6.6.0+dfsg/ajax/core/ajpat.c:844:43:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    ajPatternSeqNewList(patlist,name,pat,mismatch);
data/emboss-6.6.0+dfsg/ajax/core/ajpat.h:318:60:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                                  const AjPStr pat, ajuint mismatch);
data/emboss-6.6.0+dfsg/ajax/core/ajreg.c:258:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    status = pcre_exec(prog->pcre, prog->extra, str, strlen(str),
data/emboss-6.6.0+dfsg/ajax/core/ajreg.c:371:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                  str, strlen(str),
data/emboss-6.6.0+dfsg/ajax/core/ajseq.c:1470:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajint i = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajseq.c:6746:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret->len     = strlen(bases);
data/emboss-6.6.0+dfsg/ajax/core/ajseq.c:6792:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    imax = strlen(bases);
data/emboss-6.6.0+dfsg/ajax/core/ajseq.c:6844:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret->len     = strlen(bases);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:359:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret->l_text = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:386:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    header->l_text = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:526:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(buf, "BAM\001", 4);
data/emboss-6.6.0+dfsg/ajax/core/ajseqbam.c:559:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        name_len = strlen(p) + 1;
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:6256:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if(strlen(cp) != ajStrGetLen(seqReadLine))
data/emboss-6.6.0+dfsg/ajax/core/ajseqread.c:6316:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if(strlen(cbuf) != iread)
data/emboss-6.6.0+dfsg/ajax/core/ajseqtype.c:1136:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    igap = strlen(seqCharGapTest);
data/emboss-6.6.0+dfsg/ajax/core/ajseqtype.c:1471:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ajStrGetLen(thys), strlen(ajStrGetPtr(thys)), tmpstr);
data/emboss-6.6.0+dfsg/ajax/core/ajseqtype.c:1520:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ajStrGetLen(thys), strlen(ajStrGetPtr(thys)));
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:1228:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(sf->endstr, "");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:2120:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(sf->endstr, "\n");   /* to help with misreads at EOF */
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7869:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(sf->endstr, "1");	/* linear (DNA) */
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7923:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(sf->endstr, "1");	/* linear (DNA) */
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:7956:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(sf->endstr, "\n");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8517:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(nocountsymbols," ");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:8518:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    nocountsymbols[strlen(nocountsymbols)-1]= sf->gapchar;
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:9871:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajDebug("seqSeqFormat numwidth old: %d new: %d\n", strlen(numform)+1, j);
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:9894:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(sf->endstr, "");
data/emboss-6.6.0+dfsg/ajax/core/ajseqwrite.c:11076:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(sf->endstr, "");
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:188:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:280:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ilen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1330:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1335:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(ilen > strlen(txt))		/* prefix longer */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1367:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(str->Len > strlen(txt))	/* prefix longer */
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1479:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen   = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1480:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    jlen   = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1519:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    jlen   = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1562:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen   = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1563:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    jlen   = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:1612:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    jlen   = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:2033:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strp->Len = strlen(strp->Ptr);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:2129:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:2267:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:2732:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      i = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3065:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ilen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3164:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ibegin = strlen(txt) + (size_t) pos1;
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3167:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      iend = strlen(txt) + (size_t) pos2;
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3344:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3565:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    jlen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3671:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:3806:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:4064:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    slen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:5602:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len=strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:5635:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len=strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:5731:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len=strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:5764:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len=strlen(p);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6205:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tlen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6206:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newlen = strlen(txtnew);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6271:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tlen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6454:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tlen = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6500:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen(txtnew);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:6502:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(txt) > i)
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:8374:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(str->Len != strlen(str->Ptr))
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:8377:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		   str->Len, strlen(str->Ptr));
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:8719:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    thys->Len = strlen(thys->Ptr);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:8766:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(thys->Ptr);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:11000:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:11117:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ilen   = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:12073:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(txt2);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:12465:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strp->Len = strlen(strp->Ptr);
data/emboss-6.6.0+dfsg/ajax/core/ajstr.c:16193:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (ajint) ajCvtSposToPos(strlen(thys), ipos);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:55:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define read     _read
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:966:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while((n = read(from, cbuf, sizeof(cbuf))) > 0)
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1319:6:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	c = getc(fp);
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1339:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    if((c=getc(fp)) == '\n')
data/emboss-6.6.0+dfsg/ajax/core/ajsys.c:1442:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    AJCNEW(p, strlen(dupstr)+1);
data/emboss-6.6.0+dfsg/ajax/core/ajtranslate.c:1798:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajuint len = strlen(seq);
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:911:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    srclen = strlen(src);
data/emboss-6.6.0+dfsg/ajax/core/ajutil.c:991:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen((const char *)src);
data/emboss-6.6.0+dfsg/ajax/ensembl/ensgvgenotype.c:418:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    qsort(string, strlen(string), sizeof (char), &gvCharCmp);
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:2207:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    numchar = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:4275:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!strlen(txt))
data/emboss-6.6.0+dfsg/ajax/graphics/ajgraph.c:9927:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    numchar = strlen(txt);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_compile.c:6376:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
cd->end_pattern = (const uschar *)(pattern + strlen(pattern));
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_dfa_exec.c:472:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pchars((uschar *)ptr, strlen((char *)ptr), stdout);
data/emboss-6.6.0+dfsg/ajax/pcre/pcre_internal.h:275:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strlen(s)        _strlen(s)
data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c:171:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(message) + 1;
data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c:175:3:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(addmessage) + 6 : 0;
data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c:183:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(errbuf, message, errbuf_size - 1);
data/emboss-6.6.0+dfsg/ajax/pcre/pcreposix.c:314:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  eo = strlen(string);
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:151:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    state->path = malloc(strlen(path) + 1);
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:509:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((state->msg = malloc(strlen(state->path) + strlen(msg) + 3)) == NULL) {
data/emboss-6.6.0+dfsg/ajax/zlib/gzlib.c:509:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((state->msg = malloc(strlen(state->path) + strlen(msg) + 3)) == NULL) {
data/emboss-6.6.0+dfsg/ajax/zlib/gzread.c:31:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        ret = read(state->fd, buf + *have, len - *have);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:272:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (unsigned)strlen(str);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:331:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(state->in);
data/emboss-6.6.0+dfsg/ajax/zlib/gzwrite.c:405:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(state->in);
data/emboss-6.6.0+dfsg/ajax/zlib/zlibemboss.h:15:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define read _read
data/emboss-6.6.0+dfsg/emboss/cons.c:80:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(p)!=mlen)
data/emboss-6.6.0+dfsg/emboss/consambig.c:71:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(p)!=mlen)
data/emboss-6.6.0+dfsg/emboss/cutgextract.c:441:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(p[strlen(p)-1]=='_')
data/emboss-6.6.0+dfsg/emboss/cutgextract.c:442:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	p[strlen(p)-1]='\0';
data/emboss-6.6.0+dfsg/emboss/dan.c:34:41:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			 ajint shift, float formamide, float mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:44:46:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		       ajint shift, float formamide, float mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:87:11:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    float mismatch;
data/emboss-6.6.0+dfsg/emboss/dan.c:175:33:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		       window,shift,formamide,mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:181:31:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		     window,shift,formamide,mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:253:46:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		       ajint shift, float formamide, float mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:329:3:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		mismatch;
data/emboss-6.6.0+dfsg/emboss/dan.c:380:41:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			 ajint shift, float formamide, float mismatch,
data/emboss-6.6.0+dfsg/emboss/dan.c:468:3:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		mismatch;
data/emboss-6.6.0+dfsg/emboss/dbiflat.c:865:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    ajStrCutStart(&dbiflatGTmpLine, strlen(swissprefix[j]));
data/emboss-6.6.0+dfsg/emboss/distmat.c:162:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(p)!=mlen)
data/emboss-6.6.0+dfsg/emboss/distmat.c:1410:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(pseq[i]+count,pseqset+j,1);
data/emboss-6.6.0+dfsg/emboss/distmat.c:1414:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(pseq[i]+count,pseqset+j+1,1);
data/emboss-6.6.0+dfsg/emboss/edialign.c:802:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat( input_line , " " );
data/emboss-6.6.0+dfsg/emboss/edialign.c:810:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat( input_line , " " );
data/emboss-6.6.0+dfsg/emboss/edialign.c:821:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       ( ! strcmp( input_name + strlen( input_name ) - 4 , ".seq" ) )
data/emboss-6.6.0+dfsg/emboss/edialign.c:822:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       || ( ! strcmp( input_name + strlen( input_name ) - 3 , ".fa" ) )
data/emboss-6.6.0+dfsg/emboss/edialign.c:823:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       || ( ! strcmp( input_name + strlen( input_name ) - 6 , ".fasta" ) )
data/emboss-6.6.0+dfsg/emboss/edialign.c:4197:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(strng);
data/emboss-6.6.0+dfsg/emboss/edialign.c:5690:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(string,"(");
data/emboss-6.6.0+dfsg/emboss/edialign.c:5696:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(string,")");
data/emboss-6.6.0+dfsg/emboss/edialign.c:5703:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(string, ";"); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:5705:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = strlen( string ) + 2;
data/emboss-6.6.0+dfsg/emboss/edialign.c:5713:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(i = 0 ; i <= strlen( string ) ; i++ )
data/emboss-6.6.0+dfsg/emboss/edialign.c:5981:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for( i = 0 ; i < strlen( str ) - 1  ; i++ )
data/emboss-6.6.0+dfsg/emboss/edialign.c:6033:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if( strlen( line ) > 4 )
data/emboss-6.6.0+dfsg/emboss/edialign.c:6230:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    fsqn[ sn ] = ( char * ) calloc(strlen(line) + 3 , sizeof(char)); 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6239:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if( crc < strlen(line) ) 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6252:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    max_char[ sn ] = max_char[ sn ] + strlen( line ) - 1 ; 
data/emboss-6.6.0+dfsg/emboss/edialign.c:6279:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	sqn[ 1 ]  = ( char * ) calloc( strlen( line ) + 3 , sizeof ( char ) );
data/emboss-6.6.0+dfsg/emboss/edialign.c:6299:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for( k = 0 ; k < strlen( line )  ; k++ )
data/emboss-6.6.0+dfsg/emboss/edialign.c:6311:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	seqlen[ i ] = strlen ( sq[ i ] ) ;
data/emboss-6.6.0+dfsg/emboss/edialign.c:8044:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		regex_len = strlen( mot_regex ) ;
data/emboss-6.6.0+dfsg/emboss/einverted.c:59:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
static ajint mismatch;
data/emboss-6.6.0+dfsg/emboss/einverted.c:187:11:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		*ip++ = mismatch;
data/emboss-6.6.0+dfsg/emboss/emowse.c:851:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    stlen = strlen(s);
data/emboss-6.6.0+dfsg/emboss/eprimer3.c:559:17:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while((ch = getc( stream )) != EOF)
data/emboss-6.6.0+dfsg/emboss/eprimer3.c:826:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(value))
data/emboss-6.6.0+dfsg/emboss/eprimer32.c:582:17:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while((ch = getc( stream )) != EOF)
data/emboss-6.6.0+dfsg/emboss/eprimer32.c:930:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(value))
data/emboss-6.6.0+dfsg/emboss/est2genome.c:212:8:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(mismatch < 0)
data/emboss-6.6.0+dfsg/emboss/est2genome.c:213:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	mismatch = -mismatch;
data/emboss-6.6.0+dfsg/emboss/est2genome.c:221:26:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    embEstMatInit(match, mismatch, gap_penalty, 0, '-');
data/emboss-6.6.0+dfsg/emboss/est2genome.c:300:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
					 mismatch, gap_penalty,
data/emboss-6.6.0+dfsg/emboss/est2genome.c:315:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
					 match, mismatch, gap_penalty,
data/emboss-6.6.0+dfsg/emboss/est2genome.c:330:11:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
					     mismatch, gap_penalty,
data/emboss-6.6.0+dfsg/emboss/est2genome.c:375:18:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
					     match, mismatch,
data/emboss-6.6.0+dfsg/emboss/etandem.c:374:47:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    ajFmtPrintAppS(&tmpstr, "Mismatch: %B\n", mismatch);
data/emboss-6.6.0+dfsg/emboss/etandem.c:423:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			if(x == 4 && mismatch)
data/emboss-6.6.0+dfsg/emboss/infoassembly.c:174:54:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
static int infoassembly_countMismatches(AjPAssemRead read,
data/emboss-6.6.0+dfsg/emboss/infoseq.c:391:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ajuint tlen = strlen(text);
data/emboss-6.6.0+dfsg/emboss/jaspextract.c:253:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            preflen = strlen(Jprefix[i].Prefix);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1156:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1165:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1184:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1195:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1214:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1227:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1244:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1258:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1561:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1570:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1589:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1600:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1619:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1632:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1647:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(outpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:1661:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((nread = read(errpipe[0],(void *)buf,JBUFFLEN))==-1
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:2954:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while((sofar=read(fd,p,n-(p-q)))==-1 && errno==EINTR);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3469:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!(buf=(char *)malloc((len=strlen(file))+1)))
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3622:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		while((got=read(rchan,p,n-(p-buf)))==-1 && errno==EINTR);
data/emboss-6.6.0+dfsg/emboss/jembossctl.c:3657:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while((got=read(rchan,p,n-(p-buf)))==-1 && errno==EINTR);
data/emboss-6.6.0+dfsg/emboss/matcher.c:493:3:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strlen(seqc0), strlen(seqc1));
data/emboss-6.6.0+dfsg/emboss/matcher.c:493:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strlen(seqc0), strlen(seqc1));
data/emboss-6.6.0+dfsg/emboss/merger.c:386:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tt = strlen(&a[apos]);
data/emboss-6.6.0+dfsg/emboss/merger.c:389:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tt = strlen(&b[bpos]);
data/emboss-6.6.0+dfsg/emboss/merger.c:532:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(i=pos; i<pos+window && i < strlen(seq); i++)
data/emboss-6.6.0+dfsg/emboss/msbar.c:527:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    xlen = strlen(nuc);
data/emboss-6.6.0+dfsg/emboss/msbar.c:534:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    xlen = strlen(prot);
data/emboss-6.6.0+dfsg/emboss/newcoils.c:111:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(i=0; i<strlen(NCAAs); ++i)
data/emboss-6.6.0+dfsg/emboss/newcoils.c:212:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(seq);
data/emboss-6.6.0+dfsg/emboss/newcoils.c:374:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    aa_len = strlen(NCAAs);
data/emboss-6.6.0+dfsg/emboss/pepdigest.c:257:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    stlen = strlen(s);
data/emboss-6.6.0+dfsg/emboss/pepdigest.c:314:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    stlen = strlen(s);
data/emboss-6.6.0+dfsg/emboss/plotorf.c:193:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    stlen = strlen(seq);
data/emboss-6.6.0+dfsg/emboss/primers.c:569:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while ( (ch = getc( stream )) != EOF )
data/emboss-6.6.0+dfsg/emboss/prophecy.c:161:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(p)!=mlen)
data/emboss-6.6.0+dfsg/emboss/prophecy.c:172:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	stlen = strlen(p);
data/emboss-6.6.0+dfsg/emboss/prophecy.c:307:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(i>=strlen(p))
data/emboss-6.6.0+dfsg/emboss/prophecy.c:361:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(i>=strlen(p))
data/emboss-6.6.0+dfsg/emboss/prophecy.c:538:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(i>=strlen(p))
data/emboss-6.6.0+dfsg/emboss/prophecy.c:587:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if(i>=strlen(p))
data/emboss-6.6.0+dfsg/emboss/tfscan.c:71:11:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    ajint mismatch;
data/emboss-6.6.0+dfsg/emboss/tfscan.c:157:11:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				      mismatch,begin);
data/emboss-6.6.0+dfsg/emboss/wobble.c:219:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    stlen = strlen(seq);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:1285:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    olen = (ajint) strlen(p);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:1327:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    alen = (ajint) strlen(&a[apos]);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:1328:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    blen = (ajint) strlen(&b[bpos]);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:2510:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    olen = (ajint) strlen(p);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:2731:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    olen = (ajint) strlen(p);
data/emboss-6.6.0+dfsg/nucleus/embaln.c:3351:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    olen = (ajint) strlen(p);
data/emboss-6.6.0+dfsg/nucleus/embcom.c:1458:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dim = (ajint) strlen(vet);
data/emboss-6.6.0+dfsg/nucleus/embest.c:130:30:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				      ajint match, ajint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embest.c:228:39:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
void embEstMatInit(ajint match, ajint mismatch, ajint gap,
data/emboss-6.6.0+dfsg/nucleus/embest.c:251:44:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		    lsimmat[c1][c2] = lsimmat[c2][c1] = -mismatch;
data/emboss-6.6.0+dfsg/nucleus/embest.c:413:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (ajint) strlen(s);
data/emboss-6.6.0+dfsg/nucleus/embest.c:682:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		numlen = (ajint) strlen(number);
data/emboss-6.6.0+dfsg/nucleus/embest.c:1394:28:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				    ajint match, ajint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1482:8:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			    mismatch, gap_penalty, intron_penalty,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1533:30:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				      ajint match, ajint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1652:63:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    left_ge = estAlignRecursive(left_est, left_genome, match, mismatch,
data/emboss-6.6.0+dfsg/nucleus/embest.c:1660:6:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 mismatch, gap_penalty, intron_penalty,
data/emboss-6.6.0+dfsg/nucleus/embest.h:180:30:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				      ajint match, ajint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embest.h:189:48:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
void         embEstMatInit (ajint match, ajint mismatch, ajint gap,
data/emboss-6.6.0+dfsg/nucleus/embgroup.c:492:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			    ajStrGetLen(acddir)+strlen(dp->d_name)+3,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:226:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    regexp = ajStrNewRes((ajuint)strlen(ptr) * 4); /* just a rough guess */
data/emboss-6.6.0+dfsg/nucleus/embpat.c:1512:50:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        if(!(type=embPatGetType(origpat,&pattern,mismatch,0,&m,&amino,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:1517:38:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                      &regexp,&skipm,mismatch);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:1520:10:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			 plen,mismatch,amino,carboxyl,buf,off,sotable,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:3939:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (ajuint) strlen(s);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:3976:15:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			    ajuint mismatch, ajuint begin)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4020:55:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!range && !dontcare && !fclass && !ajcompl && !mismatch && plen>4)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4036:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(mismatch && !dontcare && !range && !fclass && !ajcompl)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4043:34:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			       ajStrGetLen(text),plen,mismatch,off,buf,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4052:55:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!range && !dontcare && !fclass && !ajcompl && !mismatch)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4073:42:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!range && (fclass || ajcompl) && !mismatch && m <= AJWORD)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4096:9:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!mismatch && (range || m > AJWORD))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4132:8:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(mismatch && !range && (fclass || ajcompl))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4143:37:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	embPatTUBInit(cleanpattern,skipm,m,mismatch,plen);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4145:12:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      m,mismatch,begin,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4160:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			    begin,mismatch,patname);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4829:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		    ajuint mismatch, AjBool protein,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4878:53:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!range && !dontcare && !fclass && !compl && !mismatch && plen>AJWORD)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4883:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(mismatch && !dontcare && !range && !fclass && !compl &&
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4889:58:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(!range && !dontcare && !fclass && !compl && !mismatch &&
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4895:57:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(!range && (fclass || compl || dontcare) && !mismatch && *m<=AJWORD)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4903:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(!mismatch && (range || *m>AJWORD))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4911:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(mismatch && !range && (fclass || compl))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4916:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if((mismatch && range) || !type)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4960:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		   ajuint mismatch)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:4992:45:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
            embPatTUBInit(pattern,*skipm,*m,mismatch,*plen);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5040:29:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		      ajuint plen, ajuint mismatch, AjBool left, AjBool right,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5071:33:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      ajStrGetLen(text),plen,mismatch,off,buf,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5144:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				m,mismatch,begin,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5151:12:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 begin,mismatch,name);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5199:46:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                         ajuint plen, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5231:33:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      ajStrGetLen(text),plen,mismatch,off,buf,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5303:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				m,mismatch,begin,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5310:12:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 begin,mismatch,name);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5338:47:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
void embPatCompileII (AjPPatComp thys, ajuint mismatch)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5377:23:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
        if(thys->m && mismatch >= thys->m)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5379:48:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                    "real pattern length (%d)",mismatch,thys->m);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5389:50:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	embPatTUBInit(thys->pattern,thys->skipm,thys->m,mismatch,thys->plen);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5423:42:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			 const AjPStr text, AjPList l, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5454:21:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      thys->plen,mismatch,thys->off,thys->buf,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5528:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				thys->m,mismatch,begin,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5535:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 l,begin,mismatch,name);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5568:66:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                            const AjPStr text, AjPList l, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5599:21:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      thys->plen,mismatch,thys->off,thys->buf,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5673:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				thys->m,mismatch,begin,l,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5680:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 l,begin,mismatch,name);
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5709:71:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
ajuint embPatGetTypeII (AjPPatComp thys, const AjPStr pattern, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5753:53:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    if(!range && !dontcare && !fclass && !compl && !mismatch && plen>AJWORD)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5758:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(mismatch && !dontcare && !range && !fclass && !compl &&
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5764:58:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(!range && !dontcare && !fclass && !compl && !mismatch &&
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5772:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	    !mismatch && thys->m<=AJWORD)
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5780:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(!mismatch && (range || thys->m>AJWORD))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5801:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if(mismatch && !range && (fclass || compl))
data/emboss-6.6.0+dfsg/nucleus/embpat.c:5806:14:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    else if((mismatch && range) || !type)
data/emboss-6.6.0+dfsg/nucleus/embpat.h:220:35:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      ajuint*** skipm,  ajuint mismatch);
data/emboss-6.6.0+dfsg/nucleus/embpat.h:226:26:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 ajuint plen, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.h:238:57:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                                    ajuint plen, ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.h:247:17:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
			      ajuint mismatch,
data/emboss-6.6.0+dfsg/nucleus/embpat.h:251:48:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
void		embPatCompileII (AjPPatComp thys, ajuint mismatch);
data/emboss-6.6.0+dfsg/nucleus/embpat.h:254:26:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				   AjPList l, ajuint mismatch, ajuint *hits,
data/emboss-6.6.0+dfsg/nucleus/embpat.h:258:58:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
                                       AjPList l, ajuint mismatch, ajuint *hits,
data/emboss-6.6.0+dfsg/nucleus/embpat.h:261:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				 ajuint mismatch, AjBool protein);
data/emboss-6.6.0+dfsg/nucleus/embpat.h:355:19:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
				       ajuint mismatch, ajuint begin);
data/emboss-6.6.0+dfsg/nucleus/embprop.c:802:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (ajint) strlen(s);
data/emboss-6.6.0+dfsg/plplot/pdfutils.c:264:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	result = getc(pdfs->file);
data/emboss-6.6.0+dfsg/plplot/pdfutils.c:447:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i <= (int) strlen(string); i++) {
data/emboss-6.6.0+dfsg/plplot/plargs.c:949:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:1132:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = 3 + strlen(tab->syntax);		/* space [ string ] */
data/emboss-6.6.0+dfsg/plplot/plargs.c:1660:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    switch (strlen(rgb)) {
data/emboss-6.6.0+dfsg/plplot/plargs.c:1737:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(opttmp, myoptarg, OPTMAX-1);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1780:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  option = (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:1784:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  value = (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:1883:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(myoptarg);
data/emboss-6.6.0+dfsg/plplot/plargs.c:1907:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(spec, myoptarg, len);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2092:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plsc->plwindow = (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:2113:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newcmd = (char *) malloc((size_t)(strlen(myoptarg)+9)*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:2198:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plsc->geometry = (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:2203:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(opttmp, myoptarg, OPTMAX-1);
data/emboss-6.6.0+dfsg/plplot/plargs.c:2251:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plsc->tk_file = (char *) malloc((size_t)(1+strlen(myoptarg))*sizeof(char));
data/emboss-6.6.0+dfsg/plplot/plargs.c:2277:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(opttmp, myoptarg, OPTMAX-1);
data/emboss-6.6.0+dfsg/plplot/plbox.c:977:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    lstring = strlen(string);
data/emboss-6.6.0+dfsg/plplot/plbox.c:1271:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ydigits = MAX(ydigits, (PLINT) strlen(string));
data/emboss-6.6.0+dfsg/plplot/plcore.c:462:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen(lookup[i].ptext);
data/emboss-6.6.0+dfsg/plplot/plcore.c:510:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len=strlen(string);     /* this length is only used in the loop
data/emboss-6.6.0+dfsg/plplot/plcore.c:687:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy (buf, string, 30);
data/emboss-6.6.0+dfsg/plplot/plcore.c:689:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                             buf, strlen (string) > 30 ? "[...]" : "");
data/emboss-6.6.0+dfsg/plplot/plcore.c:2126:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (strncmp(BUILD_DIR, currdir, strlen(BUILD_DIR)) == 0)
data/emboss-6.6.0+dfsg/plplot/plcore.c:2219:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen (name) - 3;
data/emboss-6.6.0+dfsg/plplot/plcore.c:2250:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ( buf [strlen (buf) - 1] != '\n' )
data/emboss-6.6.0+dfsg/plplot/plcore.c:2391:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = strlen(plsc->DevName);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2434:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = strlen(response);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2721:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(plsc->DevName, devname, sizeof(plsc->DevName) - 1);
data/emboss-6.6.0+dfsg/plplot/plcore.c:2879:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(fnam, plsc->FileName, 79);
data/emboss-6.6.0+dfsg/plplot/plcore.c:3336:11:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
          strcat(names," ");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1401:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(p, buf, n);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1409:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(cp, buf, n);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1462:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    lfilespec = strlen(dir) + strlen(subdir) + strlen(filename) + 10;
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1462:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    lfilespec = strlen(dir) + strlen(subdir) + strlen(filename) + 10;
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1462:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    lfilespec = strlen(dir) + strlen(subdir) + strlen(filename) + 10;
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1487:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int ldirspec = strlen(dirspec);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1490:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dirspec, "\\");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1493:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(dirspec, ":");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1496:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dirspec, "/");
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1564:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(line);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1613:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	pls->FileName = (char *) malloc(10 + strlen(pls->BaseName) +
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1614:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					strlen(pls->Ext));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1621:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy (prefix, pls->BaseName, 256);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1644:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->FileName = (char *) malloc(10 + strlen(fnam));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1651:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->BaseName = (char *) malloc(10 + strlen(fnam));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1671:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->FileName = (char *) malloc(10 + strlen(fnam) + strlen(ext));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1671:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->FileName = (char *) malloc(10 + strlen(fnam) + strlen(ext));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1674:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy(&pls->FileName[strlen(fnam)], ext);
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1679:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->BaseName = (char *) malloc(10 + strlen(fnam));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1685:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->Ext = (char *) malloc(10 + strlen(ext));
data/emboss-6.6.0+dfsg/plplot/plctrl.c:1894:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *dest = (char *) malloc( (strlen(src) + 1) * sizeof(char) );
data/emboss-6.6.0+dfsg/plplot/plplotP.h:137:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define NAMLEN(dirent) strlen((dirent)->d_name)
data/emboss-6.6.0+dfsg/plplot/plsym.c:856:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    PLINT ch, ifont = plsc->cfont, ig, j = 0, lentxt = strlen(text);
data/emboss-6.6.0+dfsg/plplot/ps.c:425:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pls->bytecnt += 1 + strlen(outbuf);
data/emboss-6.6.0+dfsg/plplot/ps.c:654:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    pls->bytecnt += strlen(outbuf);
data/emboss-6.6.0+dfsg/plplot/ps.c:674:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	pls->bytecnt += strlen(outbuf);
data/emboss-6.6.0+dfsg/plplot/ps.c:697:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(p);
data/emboss-6.6.0+dfsg/plplot/svg.c:685:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if(strlen(tag) > 0){
data/emboss-6.6.0+dfsg/plplot/tek.c:694:47:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	while (++i < MAX_GIN && (input_string[i-1] = getchar()) != '\n')
data/emboss-6.6.0+dfsg/plplot/tek.c:885:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int x, y, lc = strlen(c);
data/emboss-6.6.0+dfsg/plplot/tek.c:1047:16:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	gin->keysym = getchar();
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:265:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(basedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:276:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(newbasedir);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1821:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1854:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:1883:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(prompt);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2098:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2194:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(tline,p,len);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2451:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2461:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2514:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(acdname);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2629:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(line);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2671:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(line);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:2820:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3076:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tline,line,p-line);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3080:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p += strlen(given);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3210:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(tline,p,len);
data/emboss-6.6.0+dfsg/scripts/bundlewin.c:3336:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(tline,p,len);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:80:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:109:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(dresult->d_name);
data/emboss-6.6.0+dfsg/scripts/compembassy.c:237:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen(tarfile);
data/emboss-6.6.0+dfsg/scripts/makeam.c:117:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(dirpath);
data/emboss-6.6.0+dfsg/scripts/makeam.c:119:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dirpath,"/");
data/emboss-6.6.0+dfsg/scripts/makeam.c:139:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/makeam.c:184:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(dirpath);
data/emboss-6.6.0+dfsg/scripts/makeam.c:186:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dirpath,"/");
data/emboss-6.6.0+dfsg/scripts/makeam.c:207:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(dp->d_name);
data/emboss-6.6.0+dfsg/scripts/makeam.c:256:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(line);
data/emboss-6.6.0+dfsg/scripts/makeam.c:257:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(len + strlen(names[pos]) < maxlinelength)
data/emboss-6.6.0+dfsg/scripts/makeam.c:259:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(line," ");
data/emboss-6.6.0+dfsg/scripts/winchkexes.c:148:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(aarray[i],pstart,len);

ANALYSIS SUMMARY:

Hits = 2202
Lines analyzed = 926930 in approximately 24.76 seconds (37430 lines/second)
Physical Source Lines of Code (SLOC) = 461124
Hits@level = [0] 1534 [1] 476 [2] 1007 [3]  40 [4] 675 [5]   4
Hits@level+ = [0+] 3736 [1+] 2202 [2+] 1726 [3+] 719 [4+] 679 [5+]   4
Hits/KSLOC@level+ = [0+] 8.10194 [1+] 4.77529 [2+] 3.74303 [3+] 1.55923 [4+] 1.47249 [5+] 0.00867446
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.