Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gemma-0.98.1+dfsg/src/bslmm.cpp Examining data/gemma-0.98.1+dfsg/src/bslmm.h Examining data/gemma-0.98.1+dfsg/src/bslmmdap.cpp Examining data/gemma-0.98.1+dfsg/src/bslmmdap.h Examining data/gemma-0.98.1+dfsg/src/debug.cpp Examining data/gemma-0.98.1+dfsg/src/debug.h Examining data/gemma-0.98.1+dfsg/src/eigenlib.cpp Examining data/gemma-0.98.1+dfsg/src/eigenlib.h Examining data/gemma-0.98.1+dfsg/src/fastblas.cpp Examining data/gemma-0.98.1+dfsg/src/fastblas.h Examining data/gemma-0.98.1+dfsg/src/fastopenblas.h Examining data/gemma-0.98.1+dfsg/src/gemma.cpp Examining data/gemma-0.98.1+dfsg/src/gemma.h Examining data/gemma-0.98.1+dfsg/src/gemma_io.cpp Examining data/gemma-0.98.1+dfsg/src/gemma_io.h Examining data/gemma-0.98.1+dfsg/src/gzstream.cpp Examining data/gemma-0.98.1+dfsg/src/gzstream.h Examining data/gemma-0.98.1+dfsg/src/lapack.cpp Examining data/gemma-0.98.1+dfsg/src/lapack.h Examining data/gemma-0.98.1+dfsg/src/ldr.cpp Examining data/gemma-0.98.1+dfsg/src/ldr.h Examining data/gemma-0.98.1+dfsg/src/lm.cpp Examining data/gemma-0.98.1+dfsg/src/lm.h Examining data/gemma-0.98.1+dfsg/src/lmm.cpp Examining data/gemma-0.98.1+dfsg/src/lmm.h Examining data/gemma-0.98.1+dfsg/src/logistic.cpp Examining data/gemma-0.98.1+dfsg/src/logistic.h Examining data/gemma-0.98.1+dfsg/src/main.cpp Examining data/gemma-0.98.1+dfsg/src/mathfunc.cpp Examining data/gemma-0.98.1+dfsg/src/mathfunc.h Examining data/gemma-0.98.1+dfsg/src/mvlmm.cpp Examining data/gemma-0.98.1+dfsg/src/mvlmm.h Examining data/gemma-0.98.1+dfsg/src/param.cpp Examining data/gemma-0.98.1+dfsg/src/param.h Examining data/gemma-0.98.1+dfsg/src/prdt.cpp Examining data/gemma-0.98.1+dfsg/src/prdt.h Examining data/gemma-0.98.1+dfsg/src/varcov.cpp Examining data/gemma-0.98.1+dfsg/src/varcov.h Examining data/gemma-0.98.1+dfsg/src/vc.cpp Examining data/gemma-0.98.1+dfsg/src/vc.h Examining data/gemma-0.98.1+dfsg/src/version.h Examining data/gemma-0.98.1+dfsg/test/src/unittests-main.cpp Examining data/gemma-0.98.1+dfsg/test/src/unittests-math.cpp FINAL RESULTS: data/gemma-0.98.1+dfsg/src/gemma_io.cpp:143:12: [3] (random) setstate: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. is.setstate(std::ios::eofbit); data/gemma-0.98.1+dfsg/src/bslmm.cpp:247:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_gamma.open(file_gamma.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmm.cpp:248:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_hyp.open(file_hyp.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmm.cpp:265:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_gamma.open(file_gamma.c_str(), ofstream::app); data/gemma-0.98.1+dfsg/src/bslmm.cpp:266:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_hyp.open(file_hyp.c_str(), ofstream::app); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:269:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). catd.push_back(atoi(ch_ptr)); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:343:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_bf.open(file_bf.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:344:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_hyp.open(file_hyp.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:423:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_gamma.open(file_gamma.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:424:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_hyp.open(file_hyp.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/bslmmdap.cpp:425:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile_coef.open(file_coef.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/fastblas.cpp:58:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->block->data,&mem[r*cols],cols*sizeof(double)); data/gemma-0.98.1+dfsg/src/gemma.cpp:991:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.est_column.push_back(atoi(str.c_str())); data/gemma-0.98.1+dfsg/src/gemma.cpp:1048:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.k_mode = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1055:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). (cPar.p_column).push_back(atoi(str.c_str())); data/gemma-0.98.1+dfsg/src/gemma.cpp:1064:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.d_pace = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1138:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 20 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1154:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 24 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1170:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 26 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1186:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 71 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1194:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.ni_subsample = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1210:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 30 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1226:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 70 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1242:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 60 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1258:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 65 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1279:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.n_block = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1297:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 50 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1313:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1337:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.n_region = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1353:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.em_iter = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1361:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.nr_iter = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1369:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.ni_max = atoi(str.c_str()); // for testing purposes data/gemma-0.98.1+dfsg/src/gemma.cpp:1378:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). auto issue = atoi(str.c_str()); // for testing purposes data/gemma-0.98.1+dfsg/src/gemma.cpp:1414:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 10 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1470:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.s_min = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1478:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.s_max = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1518:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.w_step = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1526:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.s_step = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1534:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.r_pace = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1542:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.w_pace = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1550:23: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.randseed = atol(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1558:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.n_mh = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1574:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.a_mode = 40 + atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1590:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.window_bp = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma.cpp:1598:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cPar.window_ns = atoi(str.c_str()); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:306:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b_pos = atol(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:539:13: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b_pos = atol(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:883:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1109:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1553:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1910:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2048:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2640:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). } else if (atoi(ch_ptr) == 1 || atoi(ch_ptr) == 0) { data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2640:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). } else if (atoi(ch_ptr) == 1 || atoi(ch_ptr) == 0) { data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2647:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(ch_ptr) == 1 && mapRS2cat.count(rs) == 0) { data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2905:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3412:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_total = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3415:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_mis = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3418:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_obs = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3421:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_case = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3424:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_control = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3594:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_total = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3597:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_mis = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3600:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_obs = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3603:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_case = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:3606:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_control = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/gzstream.cpp:45:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gzstreambuf *gzstreambuf::open(const char *name, int open_mode) { data/gemma-0.98.1+dfsg/src/gzstream.cpp:53:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmode[10]; data/gemma-0.98.1+dfsg/src/gzstream.cpp:88:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + (4 - n_putback), gptr() - n_putback, n_putback); data/gemma-0.98.1+dfsg/src/gzstream.cpp:142:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(name, mode); data/gemma-0.98.1+dfsg/src/gzstream.cpp:147:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void gzstreambase::open(const char *name, int open_mode) { data/gemma-0.98.1+dfsg/src/gzstream.cpp:148:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!buf.open(name, open_mode)) data/gemma-0.98.1+dfsg/src/gzstream.h:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[bufferSize]; // data buffer data/gemma-0.98.1+dfsg/src/gzstream.h:66:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gzstreambuf *open(const char *name, int open_mode); data/gemma-0.98.1+dfsg/src/gzstream.h:83:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const char *name, int open_mode); data/gemma-0.98.1+dfsg/src/gzstream.h:100:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const char *name, int open_mode = std::ios::in) { data/gemma-0.98.1+dfsg/src/gzstream.h:101:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gzstreambase::open(name, open_mode); data/gemma-0.98.1+dfsg/src/gzstream.h:111:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const char *name, int open_mode = std::ios::out) { data/gemma-0.98.1+dfsg/src/gzstream.h:112:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gzstreambase::open(name, open_mode); data/gemma-0.98.1+dfsg/src/lm.cpp:508:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/lmm.cpp:1707:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/lmm.cpp:2388:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/main.cpp:48:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cGemma.PrintHelp(atoi(str.c_str())); data/gemma-0.98.1+dfsg/src/mvlmm.cpp:3423:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/mvlmm.cpp:4416:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/prdt.cpp:319:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/varcov.cpp:83:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile.open(file_cov.c_str(), ofstream::out); data/gemma-0.98.1+dfsg/src/varcov.cpp:111:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfile.open(file_cov.c_str(), ofstream::app); data/gemma-0.98.1+dfsg/src/vc.cpp:714:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_total = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:717:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_mis = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:720:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_obs = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:898:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_total = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:901:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_mis = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:904:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_obs = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:1093:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_total = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:1096:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_mis = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:1099:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_obs = atoi(ch_ptr); data/gemma-0.98.1+dfsg/src/vc.cpp:2325:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/vc.cpp:2578:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[1]; data/gemma-0.98.1+dfsg/src/gemma_io.cpp:903:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:936:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1117:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1579:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1600:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1927:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:1956:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2063:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2092:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2950:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/gemma_io.cpp:2974:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lm.cpp:544:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lm.cpp:565:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lmm.cpp:1742:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lmm.cpp:1769:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lmm.cpp:2422:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/lmm.cpp:2443:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/mvlmm.cpp:3657:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/mvlmm.cpp:3685:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/mvlmm.cpp:4649:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/mvlmm.cpp:4670:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/prdt.cpp:337:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/prdt.cpp:367:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/vc.cpp:2349:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/vc.cpp:2371:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/vc.cpp:2599:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); data/gemma-0.98.1+dfsg/src/vc.cpp:2621:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). infile.read(ch, 1); ANALYSIS SUMMARY: Hits = 126 Lines analyzed = 30109 in approximately 0.75 seconds (40237 lines/second) Physical Source Lines of Code (SLOC) = 23139 Hits@level = [0] 31 [1] 27 [2] 98 [3] 1 [4] 0 [5] 0 Hits@level+ = [0+] 157 [1+] 126 [2+] 99 [3+] 1 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 6.78508 [1+] 5.44535 [2+] 4.27849 [3+] 0.0432171 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.