Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWDriver_blackbox.C Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWDriver_blackbox.h Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.h Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorker_blackbox.C Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorker_blackbox.h Examining data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorkerMain_blackbox.C Examining data/fsa-1.15.9+dfsg/MW/src/MW.C Examining data/fsa-1.15.9+dfsg/MW/src/MW.h Examining data/fsa-1.15.9+dfsg/MW/src/MWControlTasks/MWNWSTask.C Examining data/fsa-1.15.9+dfsg/MW/src/MWControlTasks/MWNWSTask.h Examining data/fsa-1.15.9+dfsg/MW/src/MWDriver.C Examining data/fsa-1.15.9+dfsg/MW/src/MWDriver.h Examining data/fsa-1.15.9+dfsg/MW/src/MWGroup.C Examining data/fsa-1.15.9+dfsg/MW/src/MWGroup.h Examining data/fsa-1.15.9+dfsg/MW/src/MWList.C Examining data/fsa-1.15.9+dfsg/MW/src/MWList.h Examining data/fsa-1.15.9+dfsg/MW/src/MWMasterMain.C Examining data/fsa-1.15.9+dfsg/MW/src/MWprintf.C Examining data/fsa-1.15.9+dfsg/MW/src/MWprintf.h Examining data/fsa-1.15.9+dfsg/MW/src/MWStats.C Examining data/fsa-1.15.9+dfsg/MW/src/MWStats.h Examining data/fsa-1.15.9+dfsg/MW/src/MWSystem.h Examining data/fsa-1.15.9+dfsg/MW/src/MWTask.C Examining data/fsa-1.15.9+dfsg/MW/src/MWTask.h Examining data/fsa-1.15.9+dfsg/MW/src/MWTaskContainer.C Examining data/fsa-1.15.9+dfsg/MW/src/MWTaskContainer.h Examining data/fsa-1.15.9+dfsg/MW/src/MWUnixSystem.C Examining data/fsa-1.15.9+dfsg/MW/src/MWWinSystem.C Examining data/fsa-1.15.9+dfsg/MW/src/MWWorker.C Examining data/fsa-1.15.9+dfsg/MW/src/MWWorker.h Examining data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C Examining data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.h Examining data/fsa-1.15.9+dfsg/MW/src/MWWorkerMain.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_protocol.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileError.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRCSymbol.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileSend.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileTypes.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileWorker.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.h Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C Examining data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.h Examining data/fsa-1.15.9+dfsg/src/annealing/alignment_DAG.cc Examining data/fsa-1.15.9+dfsg/src/annealing/alignment_DAG.h Examining data/fsa-1.15.9+dfsg/src/annealing/dotplot.cc Examining data/fsa-1.15.9+dfsg/src/annealing/dotplot.h Examining data/fsa-1.15.9+dfsg/src/annealing/SparseMatrix.h Examining data/fsa-1.15.9+dfsg/src/annealing/tree_weights.cc Examining data/fsa-1.15.9+dfsg/src/annealing/tree_weights.h Examining data/fsa-1.15.9+dfsg/src/fsa/algebras.cc Examining data/fsa-1.15.9+dfsg/src/fsa/algebras.h Examining data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc Examining data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.h Examining data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc Examining data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.h Examining data/fsa-1.15.9+dfsg/src/fsa/anchors.cc Examining data/fsa-1.15.9+dfsg/src/fsa/anchors.h Examining data/fsa-1.15.9+dfsg/src/fsa/constraints.cc Examining data/fsa-1.15.9+dfsg/src/fsa/constraints.h Examining data/fsa-1.15.9+dfsg/src/fsa/dptables.h Examining data/fsa-1.15.9+dfsg/src/fsa/fsa.cc Examining data/fsa-1.15.9+dfsg/src/fsa/fsa.h Examining data/fsa-1.15.9+dfsg/src/fsa/model.cc Examining data/fsa-1.15.9+dfsg/src/fsa/model.h Examining data/fsa-1.15.9+dfsg/src/fsa/mybanding.h Examining data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc Examining data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.h Examining data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc Examining data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.h Examining data/fsa-1.15.9+dfsg/src/fsa/sequence_pair_selector.cc Examining data/fsa-1.15.9+dfsg/src/fsa/sequence_pair_selector.h Examining data/fsa-1.15.9+dfsg/src/main/gapcleaner.cc Examining data/fsa-1.15.9+dfsg/src/main/isect_mercator_alignment_gff.cc Examining data/fsa-1.15.9+dfsg/src/main/main.cc Examining data/fsa-1.15.9+dfsg/src/main/map_coords.cc Examining data/fsa-1.15.9+dfsg/src/main/map_gff_coords.cc Examining data/fsa-1.15.9+dfsg/src/main/percentid.cc Examining data/fsa-1.15.9+dfsg/src/main/prot2codon.cc Examining data/fsa-1.15.9+dfsg/src/main/slice_fasta.cc Examining data/fsa-1.15.9+dfsg/src/main/slice_fasta_gff.cc Examining data/fsa-1.15.9+dfsg/src/main/slice_mercator_alignment.cc Examining data/fsa-1.15.9+dfsg/src/main/translate.cc Examining data/fsa-1.15.9+dfsg/src/manager/db_adapter.cc Examining data/fsa-1.15.9+dfsg/src/manager/db_adapter.h Examining data/fsa-1.15.9+dfsg/src/manager/db_misc.cc Examining data/fsa-1.15.9+dfsg/src/manager/db_misc.h Examining data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc Examining data/fsa-1.15.9+dfsg/src/manager/db_postgres.h Examining data/fsa-1.15.9+dfsg/src/manager/manager.cc Examining data/fsa-1.15.9+dfsg/src/manager/manager.h Examining data/fsa-1.15.9+dfsg/src/manager/mw_adapter.cc Examining data/fsa-1.15.9+dfsg/src/manager/mw_adapter.h Examining data/fsa-1.15.9+dfsg/src/manager/mw_master.cc Examining data/fsa-1.15.9+dfsg/src/manager/mw_master.h Examining data/fsa-1.15.9+dfsg/src/manager/mw_task.cc Examining data/fsa-1.15.9+dfsg/src/manager/mw_task.h Examining data/fsa-1.15.9+dfsg/src/manager/mw_worker.cc Examining data/fsa-1.15.9+dfsg/src/manager/mw_worker.h Examining data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc Examining data/fsa-1.15.9+dfsg/src/math/mathematics.cc Examining data/fsa-1.15.9+dfsg/src/math/mathematics.h Examining data/fsa-1.15.9+dfsg/src/math/mst.cc Examining data/fsa-1.15.9+dfsg/src/math/mst.h Examining data/fsa-1.15.9+dfsg/src/seq/alignment.cc Examining data/fsa-1.15.9+dfsg/src/seq/alignment.h Examining data/fsa-1.15.9+dfsg/src/seq/alphabet.cc Examining data/fsa-1.15.9+dfsg/src/seq/alphabet.h Examining data/fsa-1.15.9+dfsg/src/seq/gff.cc Examining data/fsa-1.15.9+dfsg/src/seq/gff.h Examining data/fsa-1.15.9+dfsg/src/seq/interval.h Examining data/fsa-1.15.9+dfsg/src/seq/mercator.cc Examining data/fsa-1.15.9+dfsg/src/seq/mercator.h Examining data/fsa-1.15.9+dfsg/src/seq/sequence.cc Examining data/fsa-1.15.9+dfsg/src/seq/sequence.h Examining data/fsa-1.15.9+dfsg/src/seq/similarity_matrix.cc Examining data/fsa-1.15.9+dfsg/src/seq/similarity_matrix.h Examining data/fsa-1.15.9+dfsg/src/util/array2d.h Examining data/fsa-1.15.9+dfsg/src/util/dexception.cc Examining data/fsa-1.15.9+dfsg/src/util/dexception.h Examining data/fsa-1.15.9+dfsg/src/util/hash_fcn.h Examining data/fsa-1.15.9+dfsg/src/util/logfile.cc Examining data/fsa-1.15.9+dfsg/src/util/logfile.h Examining data/fsa-1.15.9+dfsg/src/util/logtags.h Examining data/fsa-1.15.9+dfsg/src/util/macros.h Examining data/fsa-1.15.9+dfsg/src/util/memcheck.cc Examining data/fsa-1.15.9+dfsg/src/util/memcheck.h Examining data/fsa-1.15.9+dfsg/src/util/misc.cc Examining data/fsa-1.15.9+dfsg/src/util/misc.h Examining data/fsa-1.15.9+dfsg/src/util/opts_list.cc Examining data/fsa-1.15.9+dfsg/src/util/opts_list.h Examining data/fsa-1.15.9+dfsg/src/util/regexp.cc Examining data/fsa-1.15.9+dfsg/src/util/regexp.h Examining data/fsa-1.15.9+dfsg/src/util/sstring.cc Examining data/fsa-1.15.9+dfsg/src/util/sstring.h FINAL RESULTS: data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorker_blackbox.C:71:7: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. ::chmod(c, 0755); // and make it executable data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:228:3: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(fp, "%s", name); data/fsa-1.15.9+dfsg/MW/src/MWControlTasks/MWNWSTask.C:46:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( machineAddress, addr ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:288:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(_measure_rec_file_name, "%s%s", _measure_rec_fname_prefix, argv[i]); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:293:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(_measure_rec_file_name, "%s.%d", _measure_rec_fname_prefix, getpid()); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2859:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf( cfp, "%s %s %s %ld", buf, buf, buf, &then ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2911:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf ( cfp, "%s %d", buf, &num_tasks ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2922:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf( cfp, "%s %d", buf, &num_todo); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2947:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf( cfp, "%s %d", buf, &num_running); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3012:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(f, "%s ", strbuf); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3128:3: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(swap, "%s %10d", strbuf, &num_to_skip); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3136:3: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(swap, "%s %10d", strbuf, &num_file_task); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3243:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mv %s old_TODO_tasks", todo->Name()); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3244:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(cmd) < 0) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3249:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mv -f tmp_TODO_swap %s", todo->Name()); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3250:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(cmd) < 0) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3301:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(swap, "%s %10d", strbuf, &num_to_skip); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3309:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf(swap, "%s %10d", strbuf, &num_file_task); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4007:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp_str, "%s/bin/condor_status -l %s > %s", CONDOR_DIR, mach_name, filename); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4009:6: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (system(temp_str) < 0) data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4034:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, equal_pos+2); data/fsa-1.15.9+dfsg/MW/src/MWList.h:546:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(this->name, name); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:429:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf( lfp, fmt, ap ); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:493:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( temp_str, "./create_condor_status_file %s", mach_name /*, filename */); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:498:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp_str, "%s/bin/condor_status -l %s", data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:507:20: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (( inputfile = popen(temp_str, "r")) == 0) { data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:519:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, equal_pos+2); data/fsa-1.15.9+dfsg/MW/src/MWprintf.C:98:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf( fmt, ap ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:206:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( output_directory, argv[4] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:207:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( input_directory, argv[5] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:305:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( worker_waitfile, "./%s/worker_waitfile.%d", input_directory, fileWorkers[i].id ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:306:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( master_waitfile, "./%s/master_waitfile.%d", output_directory, fileWorkers[i].id ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:366:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( buf, "%s/bin/condor_rm %d.%d", CONDOR_DIR, condorID, procID ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:368:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( system ( buf ) < 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:416:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( sub_file, "%s/submit_file.%d", control_directory, subId++ ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:417:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( exe, "%s/bin/condor_submit %s", CONDOR_DIR, sub_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:459:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( requirements, "( ( %s ) ", arch_class_attributes[worker_executables[i]->arch_class] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:464:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( requirements, "%s || ( %s ) ", requirements, arch_class_attributes[worker_executables[i]->arch_class] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:471:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( logfile, "%s/log_file.%d", control_directory, ids[i] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:472:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( master_waitfile, "./%s/master_waitfile.%d", data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:474:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( worker_waitfile, "./%s/worker_waitfile.%d", data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:514:14: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( (ptr = popen(exe, "r") ) != NULL ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:516:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. while ( fscanf(ptr, "%s", temp ) >= 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:525:5: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf( ptr, "%s", temp ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:607:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_input.%d.%d", input_directory, to_whom, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:609:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( control_file, "%s/worker_waitfile.%d", input_directory, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:616:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_output.%d.%d", output_directory, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:618:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( control_file, "%s/master_waitfile.%d", output_directory, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:768:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_waitfile.%d", input_directory, FileRCID ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:954:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_waitfile.%d", input_directory, FileRCID ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1609:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( f_name, "./%s/master_waitfile.%d", output_directory, i ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1657:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_output.%d.%d", output_directory, fileWorkers[i].id, fileWorkers[i].counter ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1873:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "%s/bin/condor_rm %d.%d", CONDOR_DIR, fileWorkers[i].condorID, fileWorkers[i].condorprocID ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1874:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1955:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( filename, "%s/worker_input.%d.%d", input_directory, FileRCID, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2128:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( f_name, "%s/log_file.%d", control_directory, i ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2289:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "%s/bin/condor_rm %d.%d", CONDOR_DIR, fw.condorID, fw.condorprocID); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2290:4: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2335:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "%s/bin/condor_rm %d.%d", CONDOR_DIR, fw.condorID, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2337:6: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2346:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "%s/bin/condor_rm %d.%d", CONDOR_DIR, fw.condorID, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2348:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2393:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( worker_state_file, "%s/log_file.%d", control_directory, fileWorkers[i].id ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2394:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( master_waitfile, "./%s/master_waitfile.%d", output_directory, fileWorkers[i].id ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2395:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( worker_waitfile, "./%s/worker_waitfile.%d", input_directory, fileWorkers[i].id ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2635:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "%s/bin/condor_rm %d.%d", CONDOR_DIR, fileWorkers[i].condorID, data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2637:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2672:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( target_file, "%s/%s", control_directory, moment_worker_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2735:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( target_file, "%s/%s", control_directory, moment_worker_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2764:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( cmd, "mv temp_File %s", target_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2766:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( system ( cmd ) < 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2785:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( newstring, req ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2812:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( newexec, "%s.%s.%s", newexec, opsys, arch ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2817:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "copy %s %s", exec, newexec ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2819:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "ln -s %s %s", exec, newexec ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2821:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:180:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fields = fscanf(file,"%s %d %s",host,&port,cookie); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:29:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. #define popen _popen data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:94:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( strptr, temp); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:176:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( masterAddress, ((char *)mw_inet_ntop(hptr->h_addrtype, *ptr, str, sizeof(str))) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:199:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "mkdir %s", control_directory); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:200:3: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(buf); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:215:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( masterAddress, argv[4] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:421:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( temp, "%s/%s", control_directory, worker_number_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:429:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( system ( condor_cmd ) < 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:446:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( temp, "%s/%s", control_directory, worker_number_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:448:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( cmd, "copy temp %s\\%s", control_directory, worker_number_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:451:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( cmd, "/bin/mv temp %s/%s", control_directory, worker_number_file ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:470:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( system ( cmd ) < 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:489:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( newstring, req ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:535:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( newexec, "%s.%s.%s.exe", newexec, opsys, arch ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:540:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "copy %s %s", exec, newexec ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:542:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( exe, "ln -s %s %s", exec, newexec ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:544:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system ( exe ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1281:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( sub_file, "./%s/submit_file.%d", control_directory, subId++ ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1282:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( exe, "condor_submit ./%s/%s", control_directory, sub_file1 ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1318:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( requirements, "( ( %s ) ", arch_class_attributes[worker_executables[i]->arch_class] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1323:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf ( requirements, "%s || ( %s ) ", requirements, arch_class_attributes[worker_executables[i]->arch_class] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1380:8: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ptr = popen ( exe, "r" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1383:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. while ( fscanf(ptr, "%s", temp ) >= 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1389:5: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf( ptr, "%s", temp ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1871:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if ( system ( exe ) < 0 ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:151:4: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf ( fp, "%d %d %s %s", &worker_executables[i]->arch_class, data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:250:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( arch_class_attributes[arch_class], attr ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:303:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( worker_executables[tempnum_executables]->executable, exec_name ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:314:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( worker_executables[tempnum_executables]->attributes, requirements ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:361:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy ( newone, exec_name ); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:865:9: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (execv (exonerate_argv[0], exonerate_argv) == -1) // replace child fork with a new process data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1102:9: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (execv (mummer_argv[0], mummer_argv) == -1) // replace child fork with a new process data/fsa-1.15.9+dfsg/src/main/main.cc:47:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp_argv, argv[4]); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:23:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "host = '%s'", hostname ); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:25:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "%s hostaddr = '%s'", conninfo, hostaddr ); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:27:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "%s dbname = '%s'", conninfo, dbname); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:29:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "%s port = %d", conninfo, port); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:31:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "%s user = '%s'", conninfo, user); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:33:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( conninfo, "%s password = '%s'", conninfo, password); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:67:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "SELECT id FROM %s WHERE hash = %u AND num_seqs = %d AND avg_length = %f", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:97:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "SELECT id, num_jobs FROM %s WHERE learn_gap = %s AND learn_emit_all = %s AND regularize = %s AND anchored = %s AND num_refinement_steps = %d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:132:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "UPDATE %s SET last_modified = CURRENT_TIMESTAMP WHERE id = %d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:147:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s (id SERIAL, hash BIGINT, num_seqs INT, avg_length INT, first_generated TIMESTAMP with time zone, last_modified TIMESTAMP with time zone)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:162:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "INSERT INTO %s (seq1, pos1, seq2, pos2, weight, delta ) SELECT * FROM %s_%d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:177:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE INDEX %s_%s_idx ON %s (weight DESC, seq1, seq2, pos1, pos2)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:194:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "INSERT INTO %s (hash, num_seqs, avg_length, first_generated, last_modified) VALUES (%u, %d, %f, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:209:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE SCHEMA %s", m_seqs_schema.c_str()); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:223:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s (id SERIAL, learn_gap BOOLEAN, learn_emit_all BOOLEAN, regularize BOOLEAN, anchored BOOLEAN, num_refinement_steps INT, first_generated TIMESTAMP with time zone, last_modified TIMESTAMP with time zone, num_jobs INT)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:238:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s (id SERIAL, sequence TEXT, length INT, hash BIGINT)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:274:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query,"SELECT seq1, pos1, seq2, pos2, weight, delta FROM %s ORDER BY WEIGHT DESC LIMIT %d OFFSET %d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:464:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query,"SELECT pos1, pos2, prob FROM %s_%d where seq1 = %d and seq2 = %d order by pos1, pos2", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:608:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "COPY %s TO STDOUT", table_name); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:621:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "COPY %s FROM STDIN", table_name); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:649:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "INSERT INTO %s (learn_gap, learn_emit_all, regularize, anchored, num_refinement_steps, first_generated, last_modified, num_jobs) VALUES (%s, %s, %s, %s, %d, CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, %d)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:668:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s_%d (seq1 INT, seq2 INT, num_cells INT)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:683:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s_%d (seq1 INT, pos1 INT, seq2 INT, pos2 INT, prob FLOAT)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:698:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "TRUNCATE %s_%d", m_num_cells_table.c_str(), id); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:712:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "TRUNCATE %s_%d", m_sparse_matrix_table.c_str(), id); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:726:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "UPDATE %s SET last_modified = CURRENT_TIMESTAMP, num_jobs = %d WHERE id = %d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:744:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "DROP INDEX %s.%s_%s_%d_idx", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:759:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "DROP INDEX %s.%s_%s_idx", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:774:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s_%d (seq1 INT, pos1 INT, seq2 INT, pos2 INT, weight DOUBLE PRECISION, delta FLOAT )", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:789:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE TABLE %s (seq1 INT, pos1 INT, seq2 INT, pos2 INT, weight DOUBLE PRECISION, delta FLOAT ) ", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:804:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "TRUNCATE %s", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:819:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "TRUNCATE %s_%d", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:984:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "CREATE INDEX %s_%s_%d_idx ON %s_%d (seq1, seq2, pos1, pos2)", data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:1001:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(m_query, "SELECT COUNT(weight) FROM %s", data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:123:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requirements,"((Arch==\"%s\") && (Opsys==\"LINUX\"))",arch); data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:253:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(argv[argc], m_argv[i]); data/fsa-1.15.9+dfsg/src/util/logfile.h:239:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (file_tag_buf, "file=\"%s\" line=%d level=%d tags=\"%s\"", strip_path (src_file), src_line, current_log_level, tags); data/fsa-1.15.9+dfsg/src/util/logfile.h:241:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (file_tag_buf, "file=\"%s\" line=%d level=%d", strip_path (src_file), src_line, current_log_level); data/fsa-1.15.9+dfsg/src/util/logfile.h:246:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (file_tag_buf, "<%s#%d> <%d %s>", strip_path (src_file), src_line, current_log_level, tags); data/fsa-1.15.9+dfsg/src/util/logfile.h:248:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (file_tag_buf, "<%s#%d> <%d>", strip_path (src_file), src_line, current_log_level); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1465:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). (void) strcat(buf, p); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:757:6: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if( drand48() < p ) data/fsa-1.15.9+dfsg/src/main/gapcleaner.cc:57:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/isect_mercator_alignment_gff.cc:112:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/map_coords.cc:84:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/map_gff_coords.cc:112:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/percentid.cc:55:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/prot2codon.cc:57:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/slice_fasta.cc:60:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/slice_fasta_gff.cc:67:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/slice_mercator_alignment.cc:101:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/main/translate.cc:56:9: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. c = getopt_long (argc, argv, short_options, data/fsa-1.15.9+dfsg/src/util/misc.h:368:10: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::srand (seed); data/fsa-1.15.9+dfsg/src/util/misc.h:372:10: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. std::srand (std::time (NULL)); data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:101:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[8096]; data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:112:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[8096]; data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:196:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[4096]; data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:227:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[4096]; data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorker_blackbox.C:112:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("stdout", O_CREAT | O_TRUNC); data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWWorker_blackbox.C:113:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open("stderr", O_CREAT | O_TRUNC); data/fsa-1.15.9+dfsg/MW/src/MWControlTasks/MWNWSTask.h:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char machineAddress[1024]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:166:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(_measure_opt_file_name, "_measure_opt"); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:167:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(_measure_rec_fname_prefix, "_measure_rec"); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:168:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(_measure_ProcID_prefix, "_ProcID."); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:309:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (chp_file = fopen(ckpt_filename, "r")) == NULL) data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:882:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workerhostname[64]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2744:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( cfp=fopen( tempName, "w" ) ) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2851:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( ( cfp=fopen( ckpt_filename, "r" ) ) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2857:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:2979:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (swapfile = fopen(todo->Name(), "r")) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3010:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strbuf[128]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3045:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strbuf[128]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3068:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (swapfile = fopen(todo->Name(), "r")) == NULL) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3242:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strbuf[128]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3286:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (swapfp = fopen(todo->Name(), "r")) == NULL) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3968:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(value); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3988:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[50]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3989:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[200]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3990:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[1300]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3991:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char raw_line[1500]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3994:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_str[256]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:3996:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zero_string[2]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4004:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "/tmp/metaneos_file2"); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4016:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((inputfile = fopen(filename, "r")) == 0) data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4161:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[255]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4242:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (rec = fopen(_measure_rec_file_name, "a")) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4258:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (rec = fopen(_measure_rec_file_name, "a")) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4339:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (opt = fopen(opt_fname, "r")) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4352:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _measure_dump_rec_interval = atoi( &(str[strlen("dump_record_interval")+1]) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4355:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _measure_read_opt_interval = atoi( &(str[strlen("read_option_interval")+1]) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1129:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Arch[64]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1132:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char OpSys[64]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1135:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char IPAddress[64]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1169:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mach_name[64]; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1198:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _measure_opt_file_name[_POSIX_PATH_MAX]; // = "_measure_opt"; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1199:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _measure_rec_fname_prefix[_POSIX_PATH_MAX]; // = "_measure_rec"; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1200:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _measure_ProcID_prefix[_POSIX_PATH_MAX]; // = "_ProcID."; data/fsa-1.15.9+dfsg/MW/src/MWDriver.h:1201:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char _measure_rec_file_name[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/MWWorker.h:81:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mach_name[64]; data/fsa-1.15.9+dfsg/MW/src/MWWorker.h:84:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_mach_name[64]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:407:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (lfp=fopen( ulv_filename, "w" )) == NULL ) { data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:448:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(value); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:467:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[200]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:468:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[1300]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char raw_line[1500]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:472:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_str[256]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:474:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zero_string[2]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.h:230:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Arch[64]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.h:233:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char OpSys[64]; data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.h:281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mach_name[64]; data/fsa-1.15.9+dfsg/MW/src/MWprintf.C:42:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen ( filename, mode ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:137:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). (*workers)[i]->set_arch ( atoi ( hi[i].hi_arch ) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64], arch[64]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:181:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). w->set_arch( atoi(arch) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:183:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). elem = find_exec_class ( atoi(arch) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:186:70: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). MWprintf ( 10, "Strange!! No pending request found for arch %d\n", atoi(arch) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:265:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arch[4]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:268:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( arch, "%d", archnum ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:528:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( arches[i], "%d", arch ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:173:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( output_directory, "worker_output" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:174:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( input_directory, "worker_input" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:175:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( control_directory, "submit_files" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:176:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( moment_worker_file, "moment_worker_file" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:192:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( output_directory, "worker_output" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:193:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( input_directory, "worker_input" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:194:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( control_directory, "submit_files" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:195:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( moment_worker_file, "moment_worker_file" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:203:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). FileRCID = atoi ( argv[1] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:204:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expected_number = atoi ( argv[2] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:205:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). master_expected_number = atoi(argv[3] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:208:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( control_directory, "submit_files" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:209:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *master_tid = atoi ( argv[6] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char worker_waitfile[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_waitfile[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:361:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:406:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:408:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logfile[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:409:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_waitfile[_POSIX_PATH_MAX], worker_waitfile[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:411:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:412:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char requirements[num_executables * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:468:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat ( requirements, " )" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:530:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cID = atoi ( temp ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:601:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:602:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:761:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:949:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1315:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &bytes[i * stride], buf->data, sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1347:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &f[i * stride], buf->data, sizeof(float) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1379:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &d[i * stride], buf->data, sizeof(double) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1410:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &j[i * stride], buf->data, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1440:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &ui[i * stride], buf->data, sizeof(unsigned int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1471:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &sh[i * stride], buf->data, sizeof(short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1502:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &ush[i * stride], buf->data, sizeof(unsigned short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1534:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &l[i * stride], buf->data, sizeof(long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1566:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &ul[i * stride], buf->data, sizeof(unsigned long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1592:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( str, buf->data, sizeof(char) * buf->size ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_name[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1653:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1872:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1952:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_name[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2131:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (f = fopen( f_name, "r" )) == NULL ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2266:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (f = fopen ( f_name, "r" )) == NULL ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2288:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[128]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2334:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[128]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2345:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[128]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[2]; c[1] = '\0'; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char worker_state_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2388:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char master_waitfile[_POSIX_PATH_MAX], worker_waitfile[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2546:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[2]; c[1] = '\0'; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2559:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cal = cal * 10 + atoi(c); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2600:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[2]; c[1] = '\0'; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2612:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num_cal = num_cal * 10 + atoi(c); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2632:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2670:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2732:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2733:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[4 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2779:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newstring[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2780:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arch[100], opsys[100]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2784:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[4 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2786:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( newexec, "mw_exec%d", ex_cl ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2879:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *rfd = ::fopen(filename, "r"); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2894:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2950:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *wfd = ::fopen(filename, "w+"); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2959:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.h:325:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_directory[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.h:328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_directory[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.h:333:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control_directory[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.h:338:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char moment_worker_file[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileSend.h:47:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( data, dt, siz ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:131:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cookie[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:177:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen("chirp.config","r"); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:434:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:516:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(c,"%d",va_arg(args,int)); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:554:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[CHIRP_LINE_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:139:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &ind_recvbuf.buf, &ind_sendbuf.buf, INDP_BUF_SIZE * sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &bytes[ i * stride ], sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:196:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &f[ i * stride ], sizeof(float) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:210:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &d[ i * stride ], sizeof(double) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:224:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &in[ i * stride ], sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:238:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &ui[ i * stride ], sizeof(unsigned int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:252:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &sh[ i * stride ], sizeof(short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:266:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &ush[ i * stride ], sizeof(unsigned short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:280:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &l[ i * stride ], sizeof(long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:294:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &ul[ i * stride ], sizeof(unsigned long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:307:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), &len, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:310:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(ind_sendbuf.buf[num_sent]), string, len * sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:323:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp,&(ind_recvbuf.buf[num_sent]), sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:338:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(float) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:353:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(double) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:368:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:383:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(unsigned int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:398:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:413:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(unsigned short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:428:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:443:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &temp, &(ind_recvbuf.buf[num_sent]), sizeof(unsigned long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:456:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &len, &(ind_recvbuf.buf[num_sent]), sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:459:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( string, &(ind_recvbuf.buf[num_sent]), len * sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.h:114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[INDP_BUF_SIZE]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:93:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( temp, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:127:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( control_directory, "submit_files" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:128:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ( worker_number_file, "worker_number_file" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[16]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:166:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myname[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:198:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:211:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *mastertid = atoi ( argv[2] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:212:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). socketId = atoi ( argv[1] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:213:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). masterSocket = atoi ( argv[3] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:237:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(int)]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:417:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:422:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen ( temp, "r" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:427:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char condor_cmd[ 3 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:428:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( condor_cmd, "condor_rm %d.%d", cluster, subcluster ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[3 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:453:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen ( "temp", "w" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:483:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newstring[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arch[100], opsys[100]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:488:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[4 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:490:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( newexec, "mw_exec%d", ex_cl ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:560:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[3*sizeof(int)]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:647:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ 3 * sizeof(int) ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:846:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer [ 3 * sizeof(int) ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:881:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer [ 3 * sizeof(int) ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[sizeof(int)]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer [ 3 * sizeof(int) ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sub_file1[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[65536]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char requirements[10 * _POSIX_PATH_MAX]; // 10 is max num executables data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1280:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( sub_file1, "submit_file.%d", subId ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1328:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat ( requirements, " )" ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1390:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cID = atoi ( temp ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1431:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &sendBuffer[messageSize], &(bytes [ i * stride ]), sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1615:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &sendBuffer[messageSize], str, len ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1673:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &(bytes [ i * stride ]), &recvBuffer[recvPointer], sizeof(char) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1852:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( str, &recvBuffer[recvPointer], len ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1868:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exe[ 8 * _POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1870:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( exe, "condor_rm %d.%d", socketWorkers[i].cId, socketWorkers[i].subcId ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1909:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1917:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(unsigned int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1925:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1933:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(unsigned short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1941:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1949:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( buf, &k, sizeof(unsigned long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1972:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bytes[8]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1996:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2004:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(unsigned int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2012:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2020:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(unsigned short) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2028:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2036:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &k, buf, sizeof(unsigned long) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2058:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &d, &f, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2059:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( ((char *)&d) + sizeof(int), &s, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2063:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( &d, &s, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:2064:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ( ((char *)&d) + sizeof(int), &f, sizeof(int) ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h:357:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char masterAddress[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h:364:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char control_directory[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h:366:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char worker_number_file[_POSIX_PATH_MAX]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h:407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sendBuffer[MWSOCKET_MAX_MSG_SIZE]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.h:412:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char recvBuffer[MWSOCKET_MAX_MSG_SIZE]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.h:72:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, data, size); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:434:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen(exec_name, "r"); data/fsa-1.15.9+dfsg/src/annealing/alignment_DAG.cc:592:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gui_file.open (gui_filename.c_str()); data/fsa-1.15.9+dfsg/src/annealing/alignment_DAG.cc:608:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). prob_file.open (prob_filename.c_str()); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:773:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:980:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolaminoacid[20] = {'A', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'K', 'L', 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'V', 'W', 'Y'}; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:981:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexaminoacid[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:991:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1325:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1573:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1817:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolaminoacid[20] = {'A', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'K', 'L', 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'V', 'W', 'Y'}; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1818:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexaminoacid[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1828:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2194:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:773:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:950:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolaminoacid[20] = {'A', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'K', 'L', 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'V', 'W', 'Y'}; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:951:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexaminoacid[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:961:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1235:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1453:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1667:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolaminoacid[20] = {'A', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'K', 'L', 'M', 'N', 'P', 'Q', 'R', 'S', 'T', 'V', 'W', 'Y'}; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1668:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexaminoacid[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1678:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1984:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:799:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (xfile.c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:806:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (yfile.c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:911:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned xstart = atoi (tokens[0].c_str()); // 0-based, half-open coordinates [start, end) data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:912:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned xend = atoi (tokens[1].c_str()) - 1; data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:915:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned ystart = atoi (tokens[3].c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:916:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned yend = atoi (tokens[4].c_str()) - 1; data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:919:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const double raw_score = static_cast<double> (atoi (tokens[6].c_str())); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1057:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (xfile.c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1064:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (yfile.c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1140:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned xstart = atoi (tokens[0].c_str()) - 1; // convert from 1-based to 0-based coordinates data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1141:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned ystart = atoi (tokens[1].c_str()) - 1; data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1142:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size_t length = atoi (tokens[2].c_str()); data/fsa-1.15.9+dfsg/src/fsa/anchors.cc:1512:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gui_file.open (gui_filename.c_str()); data/fsa-1.15.9+dfsg/src/fsa/constraints.cc:50:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned xstart = atoi (tokens[1].c_str()); // [start, end) data/fsa-1.15.9+dfsg/src/fsa/constraints.cc:51:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned xend = atoi (tokens[2].c_str()) - 1; data/fsa-1.15.9+dfsg/src/fsa/constraints.cc:53:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned ystart = atoi (tokens[4].c_str()); data/fsa-1.15.9+dfsg/src/fsa/constraints.cc:54:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). unsigned yend = atoi (tokens[5].c_str()) - 1; data/fsa-1.15.9+dfsg/src/fsa/fsa.cc:1394:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/fsa/fsa.cc:1415:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const size_t i = static_cast<size_t> (atoi (re_probs[1].c_str())); data/fsa-1.15.9+dfsg/src/fsa/fsa.cc:1416:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned ii = static_cast<unsigned> (atoi (re_probs[2].c_str())); data/fsa-1.15.9+dfsg/src/fsa/fsa.cc:1417:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const size_t j = static_cast<size_t> (atoi (re_probs[3].c_str())); data/fsa-1.15.9+dfsg/src/fsa/fsa.cc:1418:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned jj = static_cast<unsigned> (atoi (re_probs[4].c_str())); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:773:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:948:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolnucleotide[4] = {'A', 'C', 'G', 'T'}; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:949:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexnucleotide[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:959:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1261:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1477:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1689:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolnucleotide[4] = {'A', 'C', 'G', 'T'}; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1690:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexnucleotide[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1700:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2034:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:773:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:918:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolnucleotide[4] = {'A', 'C', 'G', 'T'}; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:919:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexnucleotide[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:929:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1171:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1357:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1539:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaSymbolnucleotide[4] = {'A', 'C', 'G', 'T'}; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1540:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alphaIndexnucleotide[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1550:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1824:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char iTranslate[256]; data/fsa-1.15.9+dfsg/src/main/main.cc:41:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bool chk_arg2 = (atoi(argv[2]) != 0 ) ? true : false; // 2nd parameter must be an integer value data/fsa-1.15.9+dfsg/src/main/main.cc:42:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bool chk_arg3 = (atoi(argv[3]) != 0 ) ? true : false; // 3rd parameter must be an integer value data/fsa-1.15.9+dfsg/src/main/main.cc:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_argv[512],*dot_pch; data/fsa-1.15.9+dfsg/src/main/map_coords.cc:138:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start_source = static_cast<size_t> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/main/map_coords.cc:139:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end_source = static_cast<size_t> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/main/slice_fasta.cc:95:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = static_cast<unsigned> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/main/slice_fasta.cc:96:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = static_cast<unsigned> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/main/slice_mercator_alignment.cc:167:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = static_cast<unsigned> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/main/slice_mercator_alignment.cc:168:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = static_cast<unsigned> (atoi (argv[optind++])); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:18:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conninfo[DB_MAX_QUERY_LENGTH]; data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:84:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seqs_schema_id = atoi (PQgetvalue (m_res, 0, 0)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:115:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). params_table_id = atoi (PQgetvalue (m_res, 0, 0)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:116:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m_num_jobs = atoi (PQgetvalue (m_res, 0, 1)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:262:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(m_exec, "\t%d\t%lu\n", seq_db_internal.get_seq (i).length(), Hash_functions::hsieh_hash (seq_db_internal.get_seq (i).seq.c_str())); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:302:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seq1 = atoi (PQgetvalue (m_res, i, 0)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:303:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos1 = atoi (PQgetvalue (m_res, i, 1)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:304:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seq2 = atoi (PQgetvalue (m_res, i, 2)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:305:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos2 = atoi (PQgetvalue (m_res, i, 3)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:353:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(buf, "\t"); seq1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:354:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); pos1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:355:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); seq2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:356:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); pos2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:410:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(buf, "\t"); seq1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:411:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); pos1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:412:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); seq2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:413:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); pos2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:488:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos1 = atoi (PQgetvalue (m_res, i, 0)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:489:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos2 = atoi (PQgetvalue (m_res, i, 1)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:531:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(buf, "\t"); seq1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:532:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); seq2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:533:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); nCells = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:588:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(buf, "\t"); seq1 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:589:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); seq2 = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:590:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pch = strtok(NULL, "\t"); nCells = atoi(pch); data/fsa-1.15.9+dfsg/src/manager/db_postgres.h:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_query[DB_MAX_QUERY_LENGTH]; // common buffer for queries data/fsa-1.15.9+dfsg/src/manager/db_postgres.h:275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_exec[DB_MAX_QUERY_LENGTH]; // common buffer for execution commands data/fsa-1.15.9+dfsg/src/manager/manager.cc:624:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[MAX_DB_ENTRY_LENGTH]; data/fsa-1.15.9+dfsg/src/manager/manager.cc:625:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(entry,"%d\t%d\t%d\t%d\t%lf\t%f\n", data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arch[10]; data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char requirements[100]; data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argv[100][512]; data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:258:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(argv[argc++], "--noannealing"); data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:502:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[64]; data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:504:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line_input[1024]; data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:507:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(path, "/proc/cpuinfo"); data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:509:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(path, "r")) != NULL ) { data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:513:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(arch,"X86_64"); data/fsa-1.15.9+dfsg/src/manager/mw_master.cc:524:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(arch,"INTEL"); data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[MAX_DB_ENTRY_LENGTH]; data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:84:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(entry,"%d\t%d\t%d\t%d\t%lf\n", seq1, pos1, seq2, pos2, prob); data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:100:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[MAX_DB_ENTRY_LENGTH]; data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:101:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(entry,"%d\t%d\t%d\n", seq1, seq2, size); data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[MAX_DB_ENTRY_LENGTH]; data/fsa-1.15.9+dfsg/src/manager/transfer_data.cc:121:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(entry,"%d\t%d\t%d\t%d\t%lf\t%f\n", seq1, pos1, seq2, pos2, weight, delta); data/fsa-1.15.9+dfsg/src/seq/alignment.cc:210:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/seq/alignment.cc:620:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/seq/gff.cc:52:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). set_start (atoi (tokens[3].c_str())); data/fsa-1.15.9+dfsg/src/seq/gff.cc:53:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). end = static_cast<unsigned> (atoi (tokens[4].c_str())); data/fsa-1.15.9+dfsg/src/seq/gff.cc:56:86: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). phase = (tokens[7] != "" && tokens[7] != GFF::undef_char) ? static_cast<unsigned> (atoi (tokens[7].c_str())) : 3; data/fsa-1.15.9+dfsg/src/seq/gff.cc:142:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/seq/mercator.cc:46:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (genomes_filename.c_str(), std::ifstream::in); data/fsa-1.15.9+dfsg/src/seq/mercator.cc:71:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (map_filename.c_str(), std::ifstream::in); data/fsa-1.15.9+dfsg/src/seq/mercator.cc:129:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned bin = static_cast<unsigned> (atoi (tokens[0].c_str())); data/fsa-1.15.9+dfsg/src/seq/mercator.cc:147:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned start = atoi (tokens[i + 1].c_str()); data/fsa-1.15.9+dfsg/src/seq/mercator.cc:148:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const unsigned end = atoi (tokens[i + 2].c_str()) - 1; // (remember that Mercator coordinates are half-open, [start, end); convert to fully-closed here) data/fsa-1.15.9+dfsg/src/seq/sequence.cc:56:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/seq/sequence.cc:367:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/seq/sequence.h:212:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char __codon_map[4][4][4]; ///< map from codons to amino acids data/fsa-1.15.9+dfsg/src/util/dexception.cc:51:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex[100]; // i assume this will never run on a >400-bit machine data/fsa-1.15.9+dfsg/src/util/dexception.cc:52:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (hex, "%.8x", ret_addr[level]); data/fsa-1.15.9+dfsg/src/util/logfile.cc:150:116: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (range_re.Match (level_range.c_str())) { sstring l = range_re[1]; sstring h = range_re[2]; lowest_level = atoi(l.c_str()); highest_level = atoi(h.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:150:149: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (range_re.Match (level_range.c_str())) { sstring l = range_re[1]; sstring h = range_re[2]; lowest_level = atoi(l.c_str()); highest_level = atoi(h.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:151:96: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (above_re.Match (level_range.c_str())) { sstring l = above_re[1]; lowest_level = atoi(l.c_str()); highest_level = +123456789; } data/fsa-1.15.9+dfsg/src/util/logfile.cc:152:124: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (below_re.Match (level_range.c_str())) { sstring h = below_re[1]; lowest_level = -123456789; highest_level = atoi(h.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:164:107: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (line_range_re.Match (d.c_str())) { d = line_range_re[1]; sstring s = line_range_re[2]; start_line = atoi(s.c_str()); sstring e = line_range_re[3]; end_line = atoi(e.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:164:165: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (line_range_re.Match (d.c_str())) { d = line_range_re[1]; sstring s = line_range_re[2]; start_line = atoi(s.c_str()); sstring e = line_range_re[3]; end_line = atoi(e.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:165:126: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (single_line_re.Match (d.c_str())) { d = single_line_re[1]; sstring s = single_line_re[2]; start_line = end_line = atoi(s.c_str()); } data/fsa-1.15.9+dfsg/src/util/logfile.cc:310:83: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (numeric_re.Match (directive_string.c_str())) clog_stream.lowest_log_level = atoi (directive_string.c_str()); data/fsa-1.15.9+dfsg/src/util/logfile.h:130:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). logfile_stream.open (filename.c_str(), std::ios_base::app); data/fsa-1.15.9+dfsg/src/util/misc.cc:49:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). filestream.open (filename.c_str(), std::ios::in); data/fsa-1.15.9+dfsg/src/util/opts_list.cc:129:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(*argv++); data/fsa-1.15.9+dfsg/src/util/opts_list.cc:229:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/fsa-1.15.9+dfsg/src/util/opts_list.cc:230:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d", var); data/fsa-1.15.9+dfsg/src/util/opts_list.cc:251:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/fsa-1.15.9+dfsg/src/util/opts_list.cc:252:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%g", var); data/fsa-1.15.9+dfsg/src/util/regexp.cc:395:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regdummy[3]; // NOTHING, 0 next ptr data/fsa-1.15.9+dfsg/src/util/regexp.cc:552:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( program, orig.program, m_programSize * sizeof( char ) ); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1428:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[50]; data/fsa-1.15.9+dfsg/src/util/regexp.cc:1451:3: [2] (buffer) _stprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. _stprintf(buf+strlen(buf), "OPEN%d", OP(op)-OPEN); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1457:3: [2] (buffer) _stprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. _stprintf(buf+strlen(buf), "CLOSE%d", OP(op)-CLOSE); data/fsa-1.15.9+dfsg/src/util/sstring.cc:65:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [buf_sz]; data/fsa-1.15.9+dfsg/src/util/sstring.cc:148:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[12]; data/fsa-1.15.9+dfsg/src/util/sstring.cc:149:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cstr, "\\%.3o", c); data/fsa-1.15.9+dfsg/src/util/sstring.h:106:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int to_int() const { return atoi (c_str()); } data/fsa-1.15.9+dfsg/MW/src/BlackBox/MWTask_blackbox.C:180:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). file.read(b, file_size); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4033:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, raw_line, equal_pos - (raw_line+1)); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4096:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( Arch, value, sizeof(Arch) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4106:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( OpSys, value, sizeof(OpSys) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4116:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(IPAddress , value, sizeof(IPAddress) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4352:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _measure_dump_rec_interval = atoi( &(str[strlen("dump_record_interval")+1]) ); data/fsa-1.15.9+dfsg/MW/src/MWDriver.C:4355:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _measure_read_opt_interval = atoi( &(str[strlen("read_option_interval")+1]) ); data/fsa-1.15.9+dfsg/MW/src/MWList.h:541:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). this->name = (char*)malloc(strlen(name)+1); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:158:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mach_name, name, 64 ); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:432:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( fmt[strlen(fmt)-1] == '\n' ) { data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:518:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(key, raw_line, equal_pos - (raw_line+1)); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:572:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( Arch, value, strlen(value)-1 ); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:572:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy( Arch, value, strlen(value)-1 ); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:581:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( OpSys, value, strlen(value)-1 ); data/fsa-1.15.9+dfsg/MW/src/MWWorkerID.C:581:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy( OpSys, value, strlen(value)-1 ); data/fsa-1.15.9+dfsg/MW/src/MWprintf.C:102:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( fmt[strlen(fmt)-1] == '\n' ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:949:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_packed_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-CondorPVM/MWCondorPvmRC.C:1258:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_unpacked_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:497:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while( ( c = getc( userf ) ) != EOF ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1274:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(str) == 0 ) return 0; data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1284:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(str) + 1 ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:1760:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(it10) + 1); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2070:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(it10) + 1); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/MWFileRC.C:2788:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( unsigned i = 0; i < strlen ( newstring ); i++ ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:122:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(host,url,str-url); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-File/chirp_client.c:517:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c += strlen(c); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Independent/MWIndRC.C:306:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(string); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:499:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( unsigned ii = 0; ii < strlen ( newstring ); ii++ ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1350:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while( ( c = getc( userf ) ) != EOF ) data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1603:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen ( str ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1612:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_packed_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-Socket/MWSocketRC.C:1856:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_unpacked_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.C:589:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_packed_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.C:590:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int nitem = strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MW-StaticMPI/MWStaticMPIRC.C:745:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bytes_unpacked_ += strlen(str); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:92:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf ( fp, "1 %d %s\n", strlen(arch_class_attributes[i]), arch_class_attributes[i] ); data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:104:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf ( fp, "1 %d %s\n", strlen(worker_executables[i]->attributes), data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:249:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). arch_class_attributes[arch_class] = new char[strlen(attr)+1]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:302:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). worker_executables[tempnum_executables]->executable = new char [ strlen(exec_name) + 1 ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:313:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). worker_executables[tempnum_executables]->attributes = new char [ strlen(requirements) + 1 ]; data/fsa-1.15.9+dfsg/MW/src/RMComm/MWRMComm.C:360:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *newone = new char[strlen(exec_name) + 1]; data/fsa-1.15.9+dfsg/src/fsa/algebras.h:370:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static inline bool equal( BFloat iX, BFloat iY) { return bfloat_equal(iX,iY); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:415:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static inline bool equal( Value iX, Value iY) { return iX==iY; } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:488:80: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator== (const Algebra& lx, const Algebra& ly) { return equal(lx.val, ly.val); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:489:78: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator== (const Algebra& lx, const double py) { return equal(lx.val, from_prob(py)); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:490:78: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator== (const double px, const Algebra& ly) { return equal(from_prob(px), ly.val); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:492:81: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator!= (const Algebra& lx, const Algebra& ly) { return !equal(lx.val, ly.val); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:493:79: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator!= (const Algebra& lx, const double py) { return !equal(lx.val, from_prob(py)); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:494:79: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. inline friend int operator!= (const double px, const Algebra& ly) { return !equal(from_prob(px), ly.val); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:537:22: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static inline bool equal (Value X, Value Y ) { return AlgebraMethods::equal( X, Y ); } data/fsa-1.15.9+dfsg/src/fsa/algebras.h:537:73: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. static inline bool equal (Value X, Value Y ) { return AlgebraMethods::equal( X, Y ); } data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:117:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = this->StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:127:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2Secondary = this->StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:137:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = this->StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:236:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = this->StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:246:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2Secondary = this->StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:256:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = this->StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:475:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = this->StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:485:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingSecondary = this->StateMemoryaaIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:495:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = this->StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:594:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = this->StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:604:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingSecondary = this->StateMemoryaaIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:614:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = this->StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:896:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:901:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:910:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:915:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:924:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:928:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(1))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:941:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:960:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1114:83: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = dp2.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1143:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2Secondary = dp2.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1147:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1168:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1189:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1213:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1253:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = dp2.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1257:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1270:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1283:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1302:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1448:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1457:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1466:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1475:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1503:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1510:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1517:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2From = dp.StateMemoryaaIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1532:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1718:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1723:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1732:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1737:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1746:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1750:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(1))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1778:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1797:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1952:83: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3Secondary = dp2.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:1997:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingSecondary = dp2.StateMemoryaaIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2001:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2022:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2043:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2067:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2122:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1Secondary = dp2.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2126:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2139:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2152:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2171:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2334:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2343:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2352:111: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2361:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block3From = dp.StateMemoryaaIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2404:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2411:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2418:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block2withbandingFrom = dp.StateMemoryaaIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoacid_indel2dp.cc:2433:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaIndel2Block1From = dp.StateMemoryaaIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:117:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = this->StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:127:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2Secondary = this->StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:137:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = this->StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:236:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = this->StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:246:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2Secondary = this->StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:256:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = this->StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:475:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = this->StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:485:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingSecondary = this->StateMemoryaaBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:495:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = this->StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:594:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = this->StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:604:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingSecondary = this->StateMemoryaaBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:614:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = this->StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:876:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:880:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:887:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:891:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:898:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:902:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(1))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:913:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:930:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1064:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = dp2.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1093:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2Secondary = dp2.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1097:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1110:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1123:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1139:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1171:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = dp2.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1175:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1184:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1193:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1212:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1338:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1345:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1352:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1359:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1385:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1391:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1397:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2From = dp.StateMemoryaaBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1412:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1578:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1582:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1589:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1593:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1600:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1604:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(1))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1630:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1647:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1782:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3Secondary = dp2.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1827:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingSecondary = dp2.StateMemoryaaBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1831:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1844:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1857:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1873:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1920:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1Secondary = dp2.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1924:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1933:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1942:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:1961:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2104:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2111:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2118:99: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2125:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock3From = dp.StateMemoryaaBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2166:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2172:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2178:95: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock2withbandingFrom = dp.StateMemoryaaBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/aminoaciddp.cc:2193:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemoryaaBlock1From = dp.StateMemoryaaBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/dptables.h:224:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read() const { return this->aTables[0]->read(); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:224:57: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read() const { return this->aTables[0]->read(); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:235:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a) const { return this->aTables[a%2]->read(); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:235:64: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a) const { return this->aTables[a%2]->read(); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:246:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b) const { return this->aTables[b%2]->read(a); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:246:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b) const { return this->aTables[b%2]->read(a); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:257:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c) const { return this->aTables[c%2]->read(a,b); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:257:78: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c) const { return this->aTables[c%2]->read(a,b); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:268:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c, int d) const { return this->aTables[d%2]->read(a,b,c); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:268:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c, int d) const { return this->aTables[d%2]->read(a,b,c); } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:283:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read() const { return *pTable; } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:298:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a) const { return pTable[a]; } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:313:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b) const { return pTable[a+maxa*b]; } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:328:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c) const { return pTable[a+maxa*(b+maxb*c)]; } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:343:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c, int d) const { return pTable[a+maxa*(b+maxb*(c+maxc*d))]; } data/fsa-1.15.9+dfsg/src/fsa/dptables.h:364:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a) const { data/fsa-1.15.9+dfsg/src/fsa/dptables.h:386:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b) const { data/fsa-1.15.9+dfsg/src/fsa/dptables.h:408:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c) const { data/fsa-1.15.9+dfsg/src/fsa/dptables.h:429:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). const States& read(int a, int b, int c, int d) const { data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:117:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = this->StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:127:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2Secondary = this->StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:137:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = this->StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:236:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = this->StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:246:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2Secondary = this->StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:256:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = this->StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:475:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = this->StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:485:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingSecondary = this->StateMemorynucIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:495:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = this->StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:594:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = this->StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:604:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingSecondary = this->StateMemorynucIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:614:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = this->StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:864:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:869:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:878:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:883:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:892:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:896:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(1))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:909:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:928:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1050:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = dp2.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1079:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2Secondary = dp2.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1083:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1104:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1125:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1149:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1189:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = dp2.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1193:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1206:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1219:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1238:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1352:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1361:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1370:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1379:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1407:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1414:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1421:87: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2From = dp.StateMemorynucIndel2Block2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1436:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1590:91: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1595:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1604:91: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1609:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1618:91: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1622:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(1))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1650:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1669:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1792:85: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3Secondary = dp2.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1837:115: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingSecondary = dp2.StateMemorynucIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1841:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1862:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1883:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1907:91: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1962:89: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1Secondary = dp2.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1966:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1979:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:1992:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2011:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2142:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2151:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2160:113: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2169:91: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block3From = dp.StateMemorynucIndel2Block3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2212:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2219:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2226:109: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block2withbandingFrom = dp.StateMemorynucIndel2Block2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotide_indel2dp.cc:2241:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucIndel2Block1From = dp.StateMemorynucIndel2Block1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:117:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = this->StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:127:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2Secondary = this->StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:137:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = this->StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:236:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = this->StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:246:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2Secondary = this->StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:256:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = this->StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:475:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = this->StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:485:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingSecondary = this->StateMemorynucBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:495:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = this->StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:594:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = this->StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:604:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingSecondary = this->StateMemorynucBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:614:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = this->StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:844:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:848:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:855:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:859:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:866:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:870:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(1))-(0), (iPos1-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:881:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:898:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1000:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = dp2.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1029:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2Secondary = dp2.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1033:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1046:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1059:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1075:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1107:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = dp2.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1111:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1120:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1129:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1148:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1242:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1249:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1256:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1263:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1289:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1295:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1301:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2From = dp.StateMemorynucBlock2.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1316:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1450:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1454:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1461:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1465:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1472:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1476:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(1))-(0), (position[1]-(1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1502:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1519:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1622:73: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3Secondary = dp2.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1667:103: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingSecondary = dp2.StateMemorynucBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1671:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1684:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1697:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1713:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1760:77: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1Secondary = dp2.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1764:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1773:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1782:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1801:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1912:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(0))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1919:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1926:101: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((position[0]-(-1))-(0), (position[1]-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1933:79: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock3From = dp.StateMemorynucBlock3.read(); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1974:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(0))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1980:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(0))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:1986:97: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock2withbandingFrom = dp.StateMemorynucBlock2withbanding.read((iPos0-(-1))-(0), (iPos1-(-1))-(0)); data/fsa-1.15.9+dfsg/src/fsa/nucleotidedp.cc:2001:67: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). CurStateMemorynucBlock1From = dp.StateMemorynucBlock1.read(); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:22:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(hostname) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:24:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(hostaddr) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:26:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(dbname) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:30:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(user) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:32:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(password) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:628:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). PQputCopyData(m_conn, copy_string, strlen(copy_string)); data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:832:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (string) > 0 ) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:839:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (string) > 0) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:846:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(string) > 0) data/fsa-1.15.9+dfsg/src/manager/db_postgres.cc:853:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (string) > 0 ) { data/fsa-1.15.9+dfsg/src/util/hash_fcn.h:113:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = std::strlen (data); data/fsa-1.15.9+dfsg/src/util/hash_fcn.h:139:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return hsieh_hash_incr (second, std::strlen (second), hsieh_hash_incr (first, std::strlen (first), 0)); data/fsa-1.15.9+dfsg/src/util/hash_fcn.h:139:90: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return hsieh_hash_incr (second, std::strlen (second), hsieh_hash_incr (first, std::strlen (first), 0)); data/fsa-1.15.9+dfsg/src/util/logfile.h:238:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tags ? (std::strlen(tags) > 0) : false) data/fsa-1.15.9+dfsg/src/util/logfile.h:245:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tags ? (std::strlen(tags) > 0) : false) data/fsa-1.15.9+dfsg/src/util/opts_list.cc:16:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sstring underline (std::strlen(text), '-'); data/fsa-1.15.9+dfsg/src/util/opts_list.cc:186:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int desc_len = std::strlen(desc); data/fsa-1.15.9+dfsg/src/util/opts_list.cc:199:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int desc_len = std::strlen(negdesc); data/fsa-1.15.9+dfsg/src/util/regexp.cc:522:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char * out = new char[(strlen( exp ) * 4) + 1]; data/fsa-1.15.9+dfsg/src/util/regexp.cc:641:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (OP(scan) == EXACTLY && strlen(OPERAND(scan)) >= len) data/fsa-1.15.9+dfsg/src/util/regexp.cc:644:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(OPERAND(scan)); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1224:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(opnd); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1355:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(reginput)); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1430:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. (void) strcpy(buf, ":"); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1451:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _stprintf(buf+strlen(buf), "OPEN%d", OP(op)-OPEN); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1457:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). _stprintf(buf+strlen(buf), "CLOSE%d", OP(op)-CLOSE); data/fsa-1.15.9+dfsg/src/util/regexp.cc:1732:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, startp[no], len); data/fsa-1.15.9+dfsg/src/util/sstring.cc:138:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reserve (std::strlen (s)); ANALYSIS SUMMARY: Hits = 921 Lines analyzed = 63214 in approximately 1.62 seconds (39061 lines/second) Physical Source Lines of Code (SLOC) = 40046 Hits@level = [0] 207 [1] 362 [2] 395 [3] 13 [4] 150 [5] 1 Hits@level+ = [0+] 1128 [1+] 921 [2+] 559 [3+] 164 [4+] 151 [5+] 1 Hits/KSLOC@level+ = [0+] 28.1676 [1+] 22.9986 [2+] 13.9589 [3+] 4.09529 [4+] 3.77066 [5+] 0.0249713 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.