Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/galib-2.4.7/examples/ex1.C
Examining data/galib-2.4.7/examples/ex10.C
Examining data/galib-2.4.7/examples/ex11.C
Examining data/galib-2.4.7/examples/ex12.C
Examining data/galib-2.4.7/examples/ex13.C
Examining data/galib-2.4.7/examples/ex14.C
Examining data/galib-2.4.7/examples/ex15.C
Examining data/galib-2.4.7/examples/ex16.C
Examining data/galib-2.4.7/examples/ex17.C
Examining data/galib-2.4.7/examples/ex18.C
Examining data/galib-2.4.7/examples/ex19.C
Examining data/galib-2.4.7/examples/ex2.C
Examining data/galib-2.4.7/examples/ex20.C
Examining data/galib-2.4.7/examples/ex21.C
Examining data/galib-2.4.7/examples/ex22.C
Examining data/galib-2.4.7/examples/ex23.C
Examining data/galib-2.4.7/examples/ex24.C
Examining data/galib-2.4.7/examples/ex25.C
Examining data/galib-2.4.7/examples/ex26.C
Examining data/galib-2.4.7/examples/ex27.C
Examining data/galib-2.4.7/examples/ex3.C
Examining data/galib-2.4.7/examples/ex4.C
Examining data/galib-2.4.7/examples/ex5.C
Examining data/galib-2.4.7/examples/ex6.C
Examining data/galib-2.4.7/examples/ex7.C
Examining data/galib-2.4.7/examples/ex8.C
Examining data/galib-2.4.7/examples/ex9.C
Examining data/galib-2.4.7/examples/gnu/AllocRing.cc
Examining data/galib-2.4.7/examples/gnu/AllocRing.h
Examining data/galib-2.4.7/examples/gnu/bitand.c
Examining data/galib-2.4.7/examples/gnu/bitany.c
Examining data/galib-2.4.7/examples/gnu/bitblt.c
Examining data/galib-2.4.7/examples/gnu/bitclear.c
Examining data/galib-2.4.7/examples/gnu/bitcopy.c
Examining data/galib-2.4.7/examples/gnu/bitcount.c
Examining data/galib-2.4.7/examples/gnu/bitdo1.h
Examining data/galib-2.4.7/examples/gnu/bitdo2.h
Examining data/galib-2.4.7/examples/gnu/bitinvert.c
Examining data/galib-2.4.7/examples/gnu/bitlcomp.c
Examining data/galib-2.4.7/examples/gnu/bitprims.h
Examining data/galib-2.4.7/examples/gnu/bitset1.c
Examining data/galib-2.4.7/examples/gnu/bitstr.C
Examining data/galib-2.4.7/examples/gnu/bitstr.h
Examining data/galib-2.4.7/examples/gnu/BitString.cc
Examining data/galib-2.4.7/examples/gnu/BitString.h
Examining data/galib-2.4.7/examples/gnu/bitxor.c
Examining data/galib-2.4.7/examples/gnu/builtin.cc
Examining data/galib-2.4.7/examples/gnu/builtin.h
Examining data/galib-2.4.7/examples/gnu/error.cc
Examining data/galib-2.4.7/examples/gnu/gnuex.C
Examining data/galib-2.4.7/examples/gnu/Obstack.cc
Examining data/galib-2.4.7/examples/gnu/Obstack.h
Examining data/galib-2.4.7/examples/graphic/gaview.C
Examining data/galib-2.4.7/examples/graphic/tspview.C
Examining data/galib-2.4.7/examples/pvmind/genome.C
Examining data/galib-2.4.7/examples/pvmind/genome.h
Examining data/galib-2.4.7/examples/pvmind/master.C
Examining data/galib-2.4.7/examples/pvmind/slave.C
Examining data/galib-2.4.7/examples/pvmpop/genome.C
Examining data/galib-2.4.7/examples/pvmpop/genome.h
Examining data/galib-2.4.7/examples/pvmpop/master.C
Examining data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C
Examining data/galib-2.4.7/examples/pvmpop/PVMDemeGA.h
Examining data/galib-2.4.7/examples/pvmpop/slave.C
Examining data/galib-2.4.7/examples/randtest.C
Examining data/galib-2.4.7/examples/seed.C
Examining data/galib-2.4.7/ga/ga.h
Examining data/galib-2.4.7/ga/GA1DArrayGenome.h
Examining data/galib-2.4.7/ga/GA1DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA1DBinStrGenome.h
Examining data/galib-2.4.7/ga/GA2DArrayGenome.h
Examining data/galib-2.4.7/ga/GA2DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA2DBinStrGenome.h
Examining data/galib-2.4.7/ga/GA3DArrayGenome.h
Examining data/galib-2.4.7/ga/GA3DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA3DBinStrGenome.h
Examining data/galib-2.4.7/ga/GAAllele.C
Examining data/galib-2.4.7/ga/GAAllele.h
Examining data/galib-2.4.7/ga/GAArray.h
Examining data/galib-2.4.7/ga/GABaseGA.C
Examining data/galib-2.4.7/ga/GABaseGA.h
Examining data/galib-2.4.7/ga/GABin2DecGenome.C
Examining data/galib-2.4.7/ga/GABin2DecGenome.h
Examining data/galib-2.4.7/ga/gabincvt.C
Examining data/galib-2.4.7/ga/gabincvt.h
Examining data/galib-2.4.7/ga/GABinStr.C
Examining data/galib-2.4.7/ga/GABinStr.h
Examining data/galib-2.4.7/ga/gaconfig.h
Examining data/galib-2.4.7/ga/GADCrowdingGA.C
Examining data/galib-2.4.7/ga/GADCrowdingGA.h
Examining data/galib-2.4.7/ga/GADemeGA.C
Examining data/galib-2.4.7/ga/GADemeGA.h
Examining data/galib-2.4.7/ga/gaerror.C
Examining data/galib-2.4.7/ga/gaerror.h
Examining data/galib-2.4.7/ga/GAEvalData.h
Examining data/galib-2.4.7/ga/GAGenome.C
Examining data/galib-2.4.7/ga/GAGenome.h
Examining data/galib-2.4.7/ga/gaid.h
Examining data/galib-2.4.7/ga/GAIncGA.C
Examining data/galib-2.4.7/ga/GAIncGA.h
Examining data/galib-2.4.7/ga/GAList.C
Examining data/galib-2.4.7/ga/GAList.h
Examining data/galib-2.4.7/ga/GAListBASE.C
Examining data/galib-2.4.7/ga/GAListBASE.h
Examining data/galib-2.4.7/ga/GAListGenome.C
Examining data/galib-2.4.7/ga/GAListGenome.h
Examining data/galib-2.4.7/ga/GAMask.h
Examining data/galib-2.4.7/ga/GANode.h
Examining data/galib-2.4.7/ga/GAParameter.C
Examining data/galib-2.4.7/ga/GAParameter.h
Examining data/galib-2.4.7/ga/GAPopulation.C
Examining data/galib-2.4.7/ga/GAPopulation.h
Examining data/galib-2.4.7/ga/garandom.C
Examining data/galib-2.4.7/ga/garandom.h
Examining data/galib-2.4.7/ga/GARealGenome.C
Examining data/galib-2.4.7/ga/GARealGenome.h
Examining data/galib-2.4.7/ga/GAScaling.C
Examining data/galib-2.4.7/ga/GAScaling.h
Examining data/galib-2.4.7/ga/GASelector.C
Examining data/galib-2.4.7/ga/GASelector.h
Examining data/galib-2.4.7/ga/GASimpleGA.C
Examining data/galib-2.4.7/ga/GASimpleGA.h
Examining data/galib-2.4.7/ga/GASStateGA.C
Examining data/galib-2.4.7/ga/GASStateGA.h
Examining data/galib-2.4.7/ga/GAStatistics.C
Examining data/galib-2.4.7/ga/GAStatistics.h
Examining data/galib-2.4.7/ga/GAStringGenome.C
Examining data/galib-2.4.7/ga/GAStringGenome.h
Examining data/galib-2.4.7/ga/GATree.C
Examining data/galib-2.4.7/ga/GATree.h
Examining data/galib-2.4.7/ga/GATreeBASE.C
Examining data/galib-2.4.7/ga/GATreeBASE.h
Examining data/galib-2.4.7/ga/GATreeGenome.C
Examining data/galib-2.4.7/ga/GATreeGenome.h
Examining data/galib-2.4.7/ga/gatypes.h
Examining data/galib-2.4.7/ga/gaversion.h
Examining data/galib-2.4.7/ga/std_stream.h
Examining data/galib-2.4.7/ga/GA1DArrayGenome.C
Examining data/galib-2.4.7/ga/GA2DArrayGenome.C
Examining data/galib-2.4.7/ga/GA3DArrayGenome.C

FINAL RESULTS:

data/galib-2.4.7/examples/ex18.C:92:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(filename, argv[i]);
data/galib-2.4.7/examples/ex3.C:74:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(filename, argv[i]);
data/galib-2.4.7/examples/ex5.C:311:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(filename1, argv[i]);
data/galib-2.4.7/examples/ex5.C:321:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(filename2, argv[i]);
data/galib-2.4.7/examples/ex7.C:71:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(datafile, argv[i]);
data/galib-2.4.7/examples/ex7.C:81:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(parmfile, argv[i]);
data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C:305:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(sn, slavename);
data/galib-2.4.7/examples/seed.C:44:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(filename, argv[i]);
data/galib-2.4.7/ga/GAParameter.C:34:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fname, fn);
data/galib-2.4.7/ga/GAParameter.C:40:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(sname, sn);
data/galib-2.4.7/ga/GAParameter.C:63:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fname, orig.fname);
data/galib-2.4.7/ga/GAParameter.C:68:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(sname, orig.sname);
data/galib-2.4.7/ga/GAParameter.C:98:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(ptr, (char*)v);
data/galib-2.4.7/ga/GAParameter.C:407:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(name, buf);
data/galib-2.4.7/ga/GAParameter.C:470:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(_gaerrbuf1, name);
data/galib-2.4.7/ga/GAParameter.C:480:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(_gaerrbuf1, name);
data/galib-2.4.7/ga/GAParameter.C:613:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(_gaerrbuf1, argv[i]);
data/galib-2.4.7/ga/GAStatistics.C:49:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(scorefile, gaDefScoreFilename);
data/galib-2.4.7/ga/GAStatistics.C:134:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(scorefile, orig.scorefile);
data/galib-2.4.7/ga/GAStatistics.h:164:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(scorefile, filename);
data/galib-2.4.7/ga/gaconfig.h:430:46:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#error   Unknown/untested compiler/operating system!  Check these settings!
data/galib-2.4.7/ga/gaerror.C:78:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, clss);
data/galib-2.4.7/ga/gaerror.C:80:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:82:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg1);
data/galib-2.4.7/ga/gaerror.C:86:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:91:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:94:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(_gaerrbuf1, "  %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:95:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/gaerror.C:105:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, clss);
data/galib-2.4.7/ga/gaerror.C:107:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:109:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, __gaErrStr[i]);
data/galib-2.4.7/ga/gaerror.C:113:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:118:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:121:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(_gaerrbuf1, "  %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:122:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/gaerror.C:132:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:134:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, __gaErrStr[i]);
data/galib-2.4.7/ga/gaerror.C:138:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:143:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:146:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(_gaerrbuf1, "  %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:147:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/garandom.h:111:45:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#error  It is usually a bad idea to use the system randum number generator!
data/galib-2.4.7/ga/garandom.h:112:27:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#error  Be sure that your system generator works properly, then comment
data/galib-2.4.7/ga/garandom.h:120:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define _GA_RND             random
data/galib-2.4.7/ga/garandom.h:121:29:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define _GA_RND_SEED        srandom
data/galib-2.4.7/ga/garandom.h:126:29:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define _GA_RND             lrand48
data/galib-2.4.7/ga/garandom.h:133:29:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define _GA_RND_SEED        srand
data/galib-2.4.7/examples/ex1.C:38:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex10.C:71:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex10.C:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[32] = "sinusoid.dat";
data/galib-2.4.7/examples/ex10.C:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char popfilename1[32] = "pop.nospec.dat";
data/galib-2.4.7/examples/ex10.C:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char popfilename2[32] = "pop.genespec.dat";
data/galib-2.4.7/examples/ex10.C:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char popfilename3[32] = "pop.phenespec.dat";
data/galib-2.4.7/examples/ex10.C:117:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(popfilename1, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:141:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(popfilename2, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:165:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(popfilename3, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:181:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(filename, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex11.C:38:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex12.C:44:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex13.C:59:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex13.C:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex14.C:314:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	nrobots = atoi(argv[i]);
data/galib-2.4.7/examples/ex14.C:324:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	listsize = atoi(argv[i]);
data/galib-2.4.7/examples/ex14.C:334:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	GARandomSeed((unsigned int)atoi(argv[i]));
data/galib-2.4.7/examples/ex15.C:35:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex16.C:75:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex17.C:39:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex18.C:41:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex18.C:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex19.C:47:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex19.C:72:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	whichFunction = atoi(argv[i]) - 1;
data/galib-2.4.7/examples/ex2.C:40:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex20.C:157:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex21.C:43:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex22.C:137:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex22.C:173:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(ifile, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex22.C:197:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(ffile, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex22.C:207:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open(file, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:49:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[jj]));
data/galib-2.4.7/examples/ex23.C:77:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open("popi.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:89:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open("popf.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:99:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open("sinusoid.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex24.C:171:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex24.C:200:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open("population.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex24.C:210:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  outfile.open("sinusoid.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex25.C:32:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex26.C:77:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex26.C:242:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char CM[MAX_TOWNS][MAX_TOWNS],visit[MAX_TOWNS];
data/galib-2.4.7/examples/ex26.C:372:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char CM1[MAX_TOWNS][MAX_TOWNS],CM2[MAX_TOWNS][MAX_TOWNS];
data/galib-2.4.7/examples/ex27.C:172:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[i]));
data/galib-2.4.7/examples/ex27.C:202:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        which = atoi(argv[i]);
data/galib-2.4.7/examples/ex3.C:42:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex3.C:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex4.C:41:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex5.C:288:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex5.C:301:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename1[128] = "smiley.txt";
data/galib-2.4.7/examples/ex5.C:302:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename2[128] = "values.txt";
data/galib-2.4.7/examples/ex5.C:346:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  infile.open(filename1);
data/galib-2.4.7/examples/ex5.C:371:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  infile.open(filename2);
data/galib-2.4.7/examples/ex6.C:52:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[i]);
data/galib-2.4.7/examples/ex7.C:36:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex7.C:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datafile[128] = "smiley.txt";
data/galib-2.4.7/examples/ex7.C:55:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char parmfile[128] = "";
data/galib-2.4.7/examples/ex8.C:48:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      GARandomSeed((unsigned int)atoi(argv[i]));
data/galib-2.4.7/examples/ex9.C:37:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      seed = atoi(argv[i]);
data/galib-2.4.7/examples/gnu/BitString.cc:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rep->s, old->s, BitStr_len(old->len) * sizeof(_BS_word));
data/galib-2.4.7/examples/gnu/BitString.cc:238:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rep->s, src->s, news * sizeof(_BS_word));
data/galib-2.4.7/examples/gnu/Obstack.cc:84:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void*)new_chunk->contents, (void*)objectbase, obj_size);
data/galib-2.4.7/examples/gnu/Obstack.h:37:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            contents[4];
data/galib-2.4.7/examples/gnu/Obstack.h:127:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nextfree, data, size);
data/galib-2.4.7/examples/gnu/Obstack.h:135:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nextfree, data, size);
data/galib-2.4.7/examples/gnu/bitcount.c:29:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char
data/galib-2.4.7/examples/graphic/gaview.C:412:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char txt[62];
data/galib-2.4.7/examples/graphic/gaview.C:413:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(txt, "%d", ga->generation());
data/galib-2.4.7/examples/graphic/gaview.C:418:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char txt[62];
data/galib-2.4.7/examples/graphic/gaview.C:419:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(txt, "%d", ga->generation());
data/galib-2.4.7/examples/graphic/gaview.C:767:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmRewind].bits,
data/galib-2.4.7/examples/graphic/gaview.C:780:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmStop].bits,
data/galib-2.4.7/examples/graphic/gaview.C:794:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmForwardStop].bits,
data/galib-2.4.7/examples/graphic/gaview.C:809:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmFastForwardStop].bits,
data/galib-2.4.7/examples/graphic/gaview.C:824:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmFastForward].bits,
data/galib-2.4.7/examples/graphic/tspview.C:208:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        whichGA = atoi(argv[ii]);
data/galib-2.4.7/examples/graphic/tspview.C:556:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char CM[MAX_TOWNS][MAX_TOWNS],visit[MAX_TOWNS];
data/galib-2.4.7/examples/graphic/tspview.C:638:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char CM1[MAX_TOWNS][MAX_TOWNS],CM2[MAX_TOWNS][MAX_TOWNS];
data/galib-2.4.7/examples/graphic/tspview.C:749:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmRewind].bits,
data/galib-2.4.7/examples/graphic/tspview.C:761:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmStop].bits,
data/galib-2.4.7/examples/graphic/tspview.C:775:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmForward].bits,
data/galib-2.4.7/examples/graphic/tspview.C:789:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmForwardStop].bits,
data/galib-2.4.7/examples/graphic/tspview.C:804:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				(char *)bm[bmFastForward].bits,
data/galib-2.4.7/examples/pvmind/genome.C:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[255];
data/galib-2.4.7/examples/pvmind/genome.C:50:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[255];
data/galib-2.4.7/examples/pvmind/master.C:66:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        length = atoi(argv[i]);
data/galib-2.4.7/examples/pvmind/master.C:76:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        data.nreq = atoi(argv[i]);
data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C:304:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sn[32];				// PVM is not const-safe...
data/galib-2.4.7/examples/pvmpop/genome.C:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[255];
data/galib-2.4.7/examples/randtest.C:62:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	seed = atoi(argv[i]);
data/galib-2.4.7/examples/seed.C:34:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/seed.C:54:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	seed = atoi(argv[i]);
data/galib-2.4.7/ga/GAAllele.C:449:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*));
data/galib-2.4.7/ga/GAAllele.C:463:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*));
data/galib-2.4.7/ga/GAAllele.C:478:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*));
data/galib-2.4.7/ga/GAAllele.C:493:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*));
data/galib-2.4.7/ga/GABaseGA.C:434:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpname[64];
data/galib-2.4.7/ga/GABaseGA.C:435:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmpname, value, strlen((char*)value)+1);
data/galib-2.4.7/ga/GABin2DecGenome.C:44:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nbits, p.nbits, n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:45:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(oset, p.oset, n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:46:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(minval, p.minval, n*sizeof(float));
data/galib-2.4.7/ga/GABin2DecGenome.C:47:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(maxval, p.maxval, n*sizeof(float));
data/galib-2.4.7/ga/GABin2DecGenome.C:80:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nbits, p.nbits, n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:81:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(oset, p.oset, n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:82:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(minval, p.minval, n*sizeof(float));
data/galib-2.4.7/ga/GABin2DecGenome.C:83:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(maxval, p.maxval, n*sizeof(float));
data/galib-2.4.7/ga/GABin2DecGenome.C:106:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(core->nbits, nbtmp, core->n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:111:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(core->oset, ostmp, core->n*sizeof(unsigned short));
data/galib-2.4.7/ga/GABin2DecGenome.C:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(core->minval, mintmp, core->n*sizeof(float));
data/galib-2.4.7/ga/GABin2DecGenome.C:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(core->maxval, maxtmp, core->n*sizeof(float));
data/galib-2.4.7/ga/GABinStr.C:30:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data, orig.data, SZ*sizeof(GABit));
data/galib-2.4.7/ga/GABinStr.C:53:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(data, tmp, sz * sizeof(GABit));
data/galib-2.4.7/ga/GABinStr.h:54:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&(data[r]), &(orig.data[x]), l*sizeof(GABit));
data/galib-2.4.7/ga/GADemeGA.C:97:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nrepl, ga.nrepl, npop * sizeof(int));
data/galib-2.4.7/ga/GADemeGA.C:258:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(deme, ptmp, n * sizeof(GAPopulation*));
data/galib-2.4.7/ga/GADemeGA.C:269:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nrepl, rtmp, n * sizeof(int));
data/galib-2.4.7/ga/GADemeGA.C:277:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(deme, ptmp, npop * sizeof(GAPopulation*));
data/galib-2.4.7/ga/GADemeGA.C:290:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(nrepl, rtmp, npop * sizeof(int));
data/galib-2.4.7/ga/GAMask.h:23:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(_mask, m._mask, _n*sizeof(GA_MASK_TYPE));
data/galib-2.4.7/ga/GAParameter.C:253:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, tmp, n * sizeof(GAParameter*));
data/galib-2.4.7/ga/GAParameter.C:383:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/galib-2.4.7/ga/GAParameter.C:384:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[NAMESIZE];
data/galib-2.4.7/ga/GAParameter.C:393:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	npairs = atoi(buf);
data/galib-2.4.7/ga/GAParameter.C:428:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    ival = atoi(buf);
data/galib-2.4.7/ga/GAParameter.C:469:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(_gaerrbuf1, "unrecognized variable name '");
data/galib-2.4.7/ga/GAParameter.C:479:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(_gaerrbuf1, "variable ");
data/galib-2.4.7/ga/GAParameter.C:481:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(_gaerrbuf1, " has no value");
data/galib-2.4.7/ga/GAParameter.C:482:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(_gaerrbuf2, "be sure there is a newline at end of the file");
data/galib-2.4.7/ga/GAParameter.C:550:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	      ival = atoi(argv[i]);
data/galib-2.4.7/ga/GAParameter.C:565:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    ival = atoi(argv[i]);
data/galib-2.4.7/ga/GAParameter.C:612:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(_gaerrbuf1, "unrecognized name ");
data/galib-2.4.7/ga/GAParameter.C:622:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(argv, argvout, argc*sizeof(char*));
data/galib-2.4.7/ga/GAPopulation.C:93:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:156:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:160:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(indDiv, arg.indDiv, (N*N*sizeof(float)));
data/galib-2.4.7/ga/GAPopulation.C:235:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:263:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rind, tmp, oldsize*sizeof(GAGenome *));
data/galib-2.4.7/ga/GAPopulation.C:267:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sind, tmp, oldsize*sizeof(GAGenome *));
data/galib-2.4.7/ga/GAPopulation.C:274:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&(indDiv[i*N]), &(tmpd[i*oldsize]), oldsize*sizeof(float));
data/galib-2.4.7/ga/GAPopulation.C:294:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rind, tmp, n*sizeof(GAGenome *));
data/galib-2.4.7/ga/GAPopulation.C:298:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sind, tmp, n*sizeof(GAGenome *));
data/galib-2.4.7/ga/GAPopulation.C:579:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(sind, rind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:584:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(rind, sind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:643:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(sind, rind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAPopulation.C:649:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rind, sind, N * sizeof(GAGenome*));
data/galib-2.4.7/ga/GAScaling.C:269:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d, s.d, N*N*sizeof(float));
data/galib-2.4.7/ga/GASelector.h:123:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(psum, sel.psum, n * sizeof(float));
data/galib-2.4.7/ga/GASelector.h:203:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(fraction, sel.fraction, n * sizeof(float));
data/galib-2.4.7/ga/GASelector.h:204:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(choices, sel.choices, n * sizeof(unsigned int));
data/galib-2.4.7/ga/GASelector.h:254:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(fraction, sel.fraction, n * sizeof(float));
data/galib-2.4.7/ga/GASelector.h:255:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(choices, sel.choices, n * sizeof(unsigned int));
data/galib-2.4.7/ga/GASelector.h:256:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(idx, sel.idx, n * sizeof(unsigned int));
data/galib-2.4.7/ga/GAStatistics.C:109:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  cscore = new float [Nconv]; memcpy(cscore, orig.cscore, Nconv*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:114:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(gen, orig.gen, Nscrs*sizeof(int));
data/galib-2.4.7/ga/GAStatistics.C:117:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(aveScore, orig.aveScore, Nscrs*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:120:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(maxScore, orig.maxScore, Nscrs*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:123:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(minScore, orig.minScore, Nscrs*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:126:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(devScore, orig.devScore, Nscrs*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:129:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(divScore, orig.divScore, Nscrs*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:349:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(cscore, tmp, (nconv+1) * sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:352:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&(cscore[Nconv-(nconv%Nconv)-1]), tmp,
data/galib-2.4.7/ga/GAStatistics.C:354:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(cscore, &(tmp[(nconv%Nconv)+1]),
data/galib-2.4.7/ga/GAStatistics.C:360:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(cscore, tmp, (nconv+1) * sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:364:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&(cscore[n-(nconv%Nconv)-1]), tmp,
data/galib-2.4.7/ga/GAStatistics.C:366:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(cscore, &(tmp[Nconv-(1+n-(nconv%Nconv))]), sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:369:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(cscore, &(tmp[1+(nconv%Nconv)-n]), n * sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:450:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(gen, tmpi, (n < Nscrs ? n : Nscrs)*sizeof(int));
data/galib-2.4.7/ga/GAStatistics.C:455:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(aveScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:460:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(maxScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:465:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(minScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:470:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(devScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));
data/galib-2.4.7/ga/GAStatistics.C:475:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(divScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));
data/galib-2.4.7/ga/gabincvt.C:59:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_gaerrbuf1,"string is %d bits, max is %d", nbits, _GA_MAX_BITS-1);
data/galib-2.4.7/ga/gabincvt.C:73:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_gaerrbuf1,"string is %d bits, max is %d", nbits, _GA_MAX_BITS-1);
data/galib-2.4.7/ga/gabincvt.C:89:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_gaerrbuf1,"desired: %f\tactual: %f\tdiscretization: %f",
data/galib-2.4.7/ga/gabincvt.C:91:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_gaerrbuf2,"  nbits: %d\t\tmin: %f\t\tmax: %f",
data/galib-2.4.7/ga/gaerror.C:15:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char gaErrMsg[512];
data/galib-2.4.7/ga/gaerror.C:16:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char _gaerrbuf1[120];
data/galib-2.4.7/ga/gaerror.C:17:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char _gaerrbuf2[120];
data/galib-2.4.7/ga/gaerror.C:79:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(gaErrMsg, "::");
data/galib-2.4.7/ga/gaerror.C:81:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(gaErrMsg, ":\n  ");
data/galib-2.4.7/ga/gaerror.C:85:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/ga/gaerror.C:90:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/ga/gaerror.C:106:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(gaErrMsg, "::");
data/galib-2.4.7/ga/gaerror.C:108:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(gaErrMsg, ":\n  ");
data/galib-2.4.7/ga/gaerror.C:112:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/ga/gaerror.C:117:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/ga/gaerror.C:133:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
  strcat(gaErrMsg, ":\n  ");
data/galib-2.4.7/ga/gaerror.C:137:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/ga/gaerror.C:142:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gaErrMsg, "  ");
data/galib-2.4.7/examples/ex14.C:55:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome& g) const;
data/galib-2.4.7/examples/ex14.C:56:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(istream & is);
data/galib-2.4.7/examples/ex14.C:116:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
RobotPathGenome::equal(const GAGenome& g) const {
data/galib-2.4.7/examples/ex14.C:120:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    flag = list[i]->equal(*genome.list[i]);
data/galib-2.4.7/examples/ex14.C:125:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
RobotPathGenome::read(istream & is) {
data/galib-2.4.7/examples/ex5.C:52:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome& g) const;
data/galib-2.4.7/examples/ex5.C:53:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(istream & is);
data/galib-2.4.7/examples/ex5.C:109:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
CompositeGenome::equal(const GAGenome& g) const {
data/galib-2.4.7/examples/ex5.C:115:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
CompositeGenome::read(istream & is) {
data/galib-2.4.7/examples/ex7.C:82:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	params.read(parmfile);
data/galib-2.4.7/examples/gnu/BitString.cc:1401:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sl = strlen(s);
data/galib-2.4.7/examples/gnu/BitString.cc:1446:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sl = strlen(s);
data/galib-2.4.7/examples/gnu/Obstack.h:142:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  grow((const void*)s, strlen(s), 0); 
data/galib-2.4.7/examples/gnu/Obstack.h:179:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  grow((const void*)s, strlen(s), 0); 
data/galib-2.4.7/examples/gnu/bitstr.h:51:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  int equal(const GAGenome & c) const {
data/galib-2.4.7/examples/pvmpop/PVMDemeGA.h:68:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{arg.read(is); return(is);}
data/galib-2.4.7/ga/GA1DArrayGenome.C:143:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA1DArrayGenome<T>::read(STD_ISTREAM &) {
data/galib-2.4.7/ga/GA1DArrayGenome.C:187:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA1DArrayGenome<T>::equal(const GAGenome & c) const {
data/galib-2.4.7/ga/GA1DArrayGenome.C:312:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA1DArrayAlleleGenome<T>::read(STD_ISTREAM& is){
data/galib-2.4.7/ga/GA1DArrayGenome.C:313:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return GA1DArrayGenome<T>::read(is);
data/galib-2.4.7/ga/GA1DArrayGenome.C:323:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA1DArrayAlleleGenome<T>::equal(const GAGenome & c) const {
data/galib-2.4.7/ga/GA1DArrayGenome.C:324:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return GA1DArrayGenome<T>::equal(c);
data/galib-2.4.7/ga/GA1DArrayGenome.h:72:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA1DArrayGenome.h:76:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const ;
data/galib-2.4.7/ga/GA1DArrayGenome.h:159:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA1DArrayGenome.h:163:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const ;
data/galib-2.4.7/ga/GA1DBinStrGenome.C:139:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA1DBinaryStringGenome::read(STD_ISTREAM & is)
data/galib-2.4.7/ga/GA1DBinStrGenome.C:208:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA1DBinaryStringGenome::equal(const GAGenome & c) const {
data/galib-2.4.7/ga/GA1DBinStrGenome.h:79:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA1DBinStrGenome.h:83:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GA2DArrayGenome.C:133:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA2DArrayGenome<T>::read(STD_ISTREAM &) {
data/galib-2.4.7/ga/GA2DArrayGenome.C:221:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA2DArrayGenome<T>::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GA2DArrayGenome.C:360:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA2DArrayAlleleGenome<T>::read(STD_ISTREAM& is){
data/galib-2.4.7/ga/GA2DArrayGenome.C:361:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return GA2DArrayGenome<T>::read(is);
data/galib-2.4.7/ga/GA2DArrayGenome.C:371:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA2DArrayAlleleGenome<T>::equal(const GAGenome & c) const {
data/galib-2.4.7/ga/GA2DArrayGenome.C:372:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return GA2DArrayGenome<T>::equal(c);
data/galib-2.4.7/ga/GA2DArrayGenome.h:54:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA2DArrayGenome.h:58:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GA2DArrayGenome.h:133:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA2DArrayGenome.h:137:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  int equal(const GAGenome & c) const ;
data/galib-2.4.7/ga/GA2DBinStrGenome.C:139:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA2DBinaryStringGenome::read(STD_ISTREAM & is)
data/galib-2.4.7/ga/GA2DBinStrGenome.C:322:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA2DBinaryStringGenome::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GA2DBinStrGenome.h:63:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);
data/galib-2.4.7/ga/GA2DBinStrGenome.h:67:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GA3DArrayGenome.C:175:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA3DArrayGenome<T>::read(STD_ISTREAM &) {
data/galib-2.4.7/ga/GA3DArrayGenome.C:282:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA3DArrayGenome<T>::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GA3DArrayGenome.C:440:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA3DArrayAlleleGenome<T>::read(STD_ISTREAM& is){
data/galib-2.4.7/ga/GA3DArrayGenome.C:441:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return GA3DArrayGenome<T>::read(is);
data/galib-2.4.7/ga/GA3DArrayGenome.C:451:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA3DArrayAlleleGenome<T>::equal(const GAGenome & c) const {
data/galib-2.4.7/ga/GA3DArrayGenome.C:452:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return GA3DArrayGenome<T>::equal(c);
data/galib-2.4.7/ga/GA3DArrayGenome.h:56:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);
data/galib-2.4.7/ga/GA3DArrayGenome.h:60:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GA3DArrayGenome.h:143:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);
data/galib-2.4.7/ga/GA3DArrayGenome.h:147:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const ;
data/galib-2.4.7/ga/GA3DBinStrGenome.C:188:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA3DBinaryStringGenome::read(STD_ISTREAM & is)
data/galib-2.4.7/ga/GA3DBinStrGenome.C:434:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GA3DBinaryStringGenome::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GA3DBinStrGenome.h:64:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);
data/galib-2.4.7/ga/GA3DBinStrGenome.h:68:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GAAllele.C:248:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GAAlleleSet<T>::read(STD_ISTREAM&){
data/galib-2.4.7/ga/GAAllele.h:139:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int read(STD_ISTREAM &);
data/galib-2.4.7/ga/GAAllele.h:197:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ arg.read(is); return is; }
data/galib-2.4.7/ga/GABaseGA.C:304:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  params.read(filename, flag);
data/galib-2.4.7/ga/GABaseGA.C:312:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  params.read(is, flag);
data/galib-2.4.7/ga/GABaseGA.C:435:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memcpy(tmpname, value, strlen((char*)value)+1);
data/galib-2.4.7/ga/GABaseGA.h:143:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(const char*){return 0;}
data/galib-2.4.7/ga/GABaseGA.h:144:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &){return 0;}
data/galib-2.4.7/ga/GABin2DecGenome.C:151:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GABin2DecPhenotype::equal(const GABin2DecPhenotype & b) const {
data/galib-2.4.7/ga/GABin2DecGenome.C:269:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GABin2DecGenome::read(STD_ISTREAM & is)
data/galib-2.4.7/ga/GABin2DecGenome.C:294:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GABin2DecGenome::equal(const GAGenome& g) const {
data/galib-2.4.7/ga/GABin2DecGenome.C:296:35:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return((GA1DBinaryStringGenome::equal(b) && *ptype == *(b.ptype)) ?
data/galib-2.4.7/ga/GABin2DecGenome.h:83:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  int equal(const GABin2DecPhenotype&) const;
data/galib-2.4.7/ga/GABin2DecGenome.h:91:12:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return a.equal(b);
data/galib-2.4.7/ga/GABin2DecGenome.h:96:13:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return (a.equal(b) ? 0 : 1);
data/galib-2.4.7/ga/GABin2DecGenome.h:128:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read (STD_ISTREAM &);
data/galib-2.4.7/ga/GABin2DecGenome.h:132:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome &) const;
data/galib-2.4.7/ga/GADemeGA.h:102:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{arg.read(is); return(is);}
data/galib-2.4.7/ga/GAGenome.h:209:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &)
data/galib-2.4.7/ga/GAGenome.h:215:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome &) const
data/galib-2.4.7/ga/GAGenome.h:218:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
    { return (equal(g) ? 0 : 1); }
data/galib-2.4.7/ga/GAGenome.h:280:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ genome.read(is); return(is); }
data/galib-2.4.7/ga/GAGenome.h:284:12:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
{ return a.equal(b); }
data/galib-2.4.7/ga/GAIncGA.h:91:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ arg.read(is); return(is); }
data/galib-2.4.7/ga/GAListGenome.C:109:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GAListGenome<T>::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GAListGenome.h:52:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/GAParameter.C:33:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname = new char[strlen(fn)+1];
data/galib-2.4.7/ga/GAParameter.C:39:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sname = new char[strlen(sn)+1];
data/galib-2.4.7/ga/GAParameter.C:62:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname = new char[strlen(orig.fname)+1];
data/galib-2.4.7/ga/GAParameter.C:67:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sname = new char[strlen(orig.sname)+1];
data/galib-2.4.7/ga/GAParameter.C:96:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(strlen((char*)v) > 0){
data/galib-2.4.7/ga/GAParameter.C:97:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ptr = new char[strlen((char*)v)+1];
data/galib-2.4.7/ga/GAParameter.C:379:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GAParameterList::read(STD_ISTREAM& is, GABoolean flag){
data/galib-2.4.7/ga/GAParameter.C:468:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(_gaerrbuf1, "");
data/galib-2.4.7/ga/GAParameter.C:471:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(_gaerrbuf1, "'");
data/galib-2.4.7/ga/GAParameter.C:478:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(_gaerrbuf1, "");
data/galib-2.4.7/ga/GAParameter.C:492:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GAParameterList::read(const char* filename, GABoolean flag){
data/galib-2.4.7/ga/GAParameter.C:498:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int status = read(infile, flag);
data/galib-2.4.7/ga/GAParameter.C:633:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(int i=strlen(str)-1; i>=0; i--)
data/galib-2.4.7/ga/GAParameter.h:96:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int read(const char* filename, GABoolean flag=gaTrue);
data/galib-2.4.7/ga/GAParameter.h:97:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int read(STD_ISTREAM & is, GABoolean flag=gaTrue);
data/galib-2.4.7/ga/GAParameter.h:111:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ plist.read(is); return is; }
data/galib-2.4.7/ga/GAPopulation.h:177:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  virtual void read(STD_ISTREAM &){}
data/galib-2.4.7/ga/GAPopulation.h:225:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ arg.read(is); return is; }
data/galib-2.4.7/ga/GARealGenome.C:121:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA1DArrayAlleleGenome<float>::read(STD_ISTREAM & is) {
data/galib-2.4.7/ga/GASStateGA.h:70:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ arg.read(is); return(is); }
data/galib-2.4.7/ga/GASimpleGA.h:67:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
{ arg.read(is); return(is); }
data/galib-2.4.7/ga/GAStatistics.C:48:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  scorefile = new char[strlen(gaDefScoreFilename)+1];
data/galib-2.4.7/ga/GAStatistics.C:133:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    scorefile = new char [strlen(orig.scorefile)+1];
data/galib-2.4.7/ga/GAStatistics.h:163:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    scorefile = new char[strlen(filename)+1];
data/galib-2.4.7/ga/GAStringGenome.C:57:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
GA1DArrayAlleleGenome<char>::read(STD_ISTREAM & is)
data/galib-2.4.7/ga/GATreeGenome.C:115:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
GATreeGenome<T>::equal(const GAGenome & c) const
data/galib-2.4.7/ga/GATreeGenome.h:51:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  virtual int equal(const GAGenome & c) const;
data/galib-2.4.7/ga/gaerror.C:83:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:87:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:92:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:110:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:114:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:119:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:135:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:139:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");
data/galib-2.4.7/ga/gaerror.C:144:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(gaErrMsg, "\n");

ANALYSIS SUMMARY:

Hits = 356
Lines analyzed = 35737 in approximately 1.00 seconds (35716 lines/second)
Physical Source Lines of Code (SLOC) = 24186
Hits@level = [0]   1 [1] 120 [2] 189 [3]   4 [4]  43 [5]   0
Hits@level+ = [0+] 357 [1+] 356 [2+] 236 [3+]  47 [4+]  43 [5+]   0
Hits/KSLOC@level+ = [0+] 14.7606 [1+] 14.7193 [2+] 9.75771 [3+] 1.94327 [4+] 1.77789 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.