Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fastdnaml-1.2.2/source/fastDNAml.c
Examining data/fastdnaml-1.2.2/source/fastDNAml.h

FINAL RESULTS:

data/fastdnaml-1.2.2/source/fastDNAml.c:2889:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  return sscanf(string, format, value);  /* 1 if read, otherwise 0 */

data/fastdnaml-1.2.2/source/fastDNAml.c:2949:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(best_tr_recv, treestr);

data/fastdnaml-1.2.2/source/fastDNAml.c:2989:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(treestr, best_tr_recv);  /* Overwrite new tree with best */

data/fastdnaml-1.2.2/source/fastDNAml.c:3231:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(name_pid, "%s.%d", filenm, getpid());

data/fastdnaml-1.2.2/source/fastDNAml.c:3241:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(scr, "%s.%d", filenm, getpid());

data/fastdnaml-1.2.2/source/fastDNAml.c:3607:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, "[&&%s: version = '%s'",

data/fastdnaml-1.2.2/source/fastDNAml.c:3611:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, ", %s = %15.13g",

data/fastdnaml-1.2.2/source/fastDNAml.c:3615:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, ", %s = %d", ntaxa_key, tr->ntips);

data/fastdnaml-1.2.2/source/fastDNAml.c:3618:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr,", %s = %d", opt_level_key, tr->opt_level);

data/fastdnaml-1.2.2/source/fastDNAml.c:3621:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, ", %s = %d", smoothed_key, tr->smoothed);

data/fastdnaml-1.2.2/source/fastDNAml.c:3624:16:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, "]%s", form == treeProlog ? ", " : " ");

data/fastdnaml-1.2.2/source/fastDNAml.c:3653:14:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(treestr, ":0.0%s\n", (form != treeProlog) ? ";" : ").");

data/fastdnaml-1.2.2/source/fastDNAml.c:4458:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void) sprintf(scr, "%s.%d", filenm, getpid());

data/fastdnaml-1.2.2/source/fastDNAml.c:259:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char send_buf[80]; \

data/fastdnaml-1.2.2/source/fastDNAml.c:261:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(send_buf, "%d", end_step_time-begin_step_time); \

data/fastdnaml-1.2.2/source/fastDNAml.c:3014:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scr[512];

data/fastdnaml-1.2.2/source/fastDNAml.c:3016:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(scr, "%d", n_to_get);

data/fastdnaml-1.2.2/source/fastDNAml.c:3232:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return fopen(name_pid, mode);

data/fastdnaml-1.2.2/source/fastDNAml.c:3239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scr[512];

data/fastdnaml-1.2.2/source/fastDNAml.c:3249:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128];

data/fastdnaml-1.2.2/source/fastDNAml.c:3603:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(treestr, "phylip_tree(");

data/fastdnaml-1.2.2/source/fastDNAml.c:3659:14:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(treestr, ": %8.6f", x);  /* prolog needs the space */

data/fastdnaml-1.2.2/source/fastDNAml.c:3811:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *nameptr, str[nmlngth+2];

data/fastdnaml-1.2.2/source/fastDNAml.c:3994:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char com[1024], *com_end;

data/fastdnaml-1.2.2/source/fastDNAml.c:4204:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *nameptr, str[nmlngth+2];

data/fastdnaml-1.2.2/source/fastDNAml.c:4456:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scr[512];

data/fastdnaml-1.2.2/source/fastDNAml.c:4544:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128];

data/fastdnaml-1.2.2/source/fastDNAml.c:4639:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128];

data/fastdnaml-1.2.2/source/fastDNAml.c:4798:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char debugfilename[128];

data/fastdnaml-1.2.2/source/fastDNAml.c:4817:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((INFILE = fopen(msg, "r")) == NULL) {

data/fastdnaml-1.2.2/source/fastDNAml.c:4839:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((INFILE = fopen(msg, "r")) == NULL) {

data/fastdnaml-1.2.2/source/fastDNAml.h:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[nmlngth+1];  /* Space for null termination */

data/fastdnaml-1.2.2/source/fastDNAml.c:262:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p4_send(DNAML_STEP_TIME, DNAML_HOST_ID, send_buf,strlen(send_buf)+1); \

data/fastdnaml-1.2.2/source/fastDNAml.c:919:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(INFILE)) != EOF && ch != c) ;

data/fastdnaml-1.2.2/source/fastDNAml.c:979:44:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (i = 1; i <= nmlngth; i++) (void) getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:983:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1052:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(INFILE)) != '\n') {  /* Scan for second value */

data/fastdnaml-1.2.2/source/fastDNAml.c:1177:44:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (i = 2; i <= nmlngth; i++) (void) getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1181:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1230:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(INFILE)) != '\n' && ch != EOF) {

data/fastdnaml-1.2.2/source/fastDNAml.c:1312:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1422:10:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1605:33:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (whitechar(ch = getc(INFILE))) {  /* Skip blank lines */

data/fastdnaml-1.2.2/source/fastDNAml.c:1623:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(INFILE);

data/fastdnaml-1.2.2/source/fastDNAml.c:1637:26:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  && ((ch = getc(INFILE)) != EOF)

data/fastdnaml-1.2.2/source/fastDNAml.c:1673:46:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (ch != '\n' && ch != EOF) ch = getc(INFILE);  /* flush line */

data/fastdnaml-1.2.2/source/fastDNAml.c:2886:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string += strlen(key);

data/fastdnaml-1.2.2/source/fastDNAml.c:2948:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  best_tr_recv = Malloc(strlen(treestr) + 1);

data/fastdnaml-1.2.2/source/fastDNAml.c:3017:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p4_send(DNAML_NUM_TREE, DNAML_MERGER_ID, scr, strlen(scr)+1);

data/fastdnaml-1.2.2/source/fastDNAml.c:3699:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(fp)) != EOF && ch != ']') {

data/fastdnaml-1.2.2/source/fastDNAml.c:3716:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(fp)) != EOF) {

data/fastdnaml-1.2.2/source/fastDNAml.c:3750:10:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(fp);

data/fastdnaml-1.2.2/source/fastDNAml.c:3755:33:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (quoted && ! done) {ch = getc(fp); done = (ch == EOF);}

data/fastdnaml-1.2.2/source/fastDNAml.c:3759:31:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (ch == '\'') {ch = getc(fp); if (ch != '\'') break;}

data/fastdnaml-1.2.2/source/fastDNAml.c:3767:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = getc(fp);

data/fastdnaml-1.2.2/source/fastDNAml.c:3842:27:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (n > 0 && ((ch = getc(fp1)) != EOF)) {

data/fastdnaml-1.2.2/source/fastDNAml.c:3961:18:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = getc(INFILE)) != EOF && (inquote || ch != ']')) {

ANALYSIS SUMMARY:

Hits = 57
Lines analyzed = 5192 in approximately 0.19 seconds (26765 lines/second)
Physical Source Lines of Code (SLOC) = 3927
Hits@level = [0] 227 [1]  25 [2]  19 [3]   0 [4]  13 [5]   0
Hits@level+ = [0+] 284 [1+]  57 [2+]  32 [3+]  13 [4+]  13 [5+]   0
Hits/KSLOC@level+ = [0+] 72.3198 [1+] 14.5149 [2+] 8.14871 [3+] 3.31042 [4+] 3.31042 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.