Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libhmsbeagle-3.1.2+dfsg/examples/complextest/complextest.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.h
Examining data/libhmsbeagle-3.1.2+dfsg/examples/matrixtest/matrixtest.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/standalone/hellobeagle/src/hello.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c
Examining data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/linalg.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/linalg.h
Examining data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/examples/tinytest/tinytest.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/BeagleImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/AVXDefinitions.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateAVXImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateAVXImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateSSEImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPU4StateSSEImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUAVXImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUAVXImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUAVXPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUAVXPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUOpenMPPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUOpenMPPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUSSEImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUSSEImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUSSEPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUSSEPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/EigenDecomposition.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/EigenDecompositionCube.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/EigenDecompositionCube.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/EigenDecompositionSquare.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/EigenDecompositionSquare.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/SSEDefinitions.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/Precision.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.hpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/CUDAPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/CUDAPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUImplDefs.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUImplHelper.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUImplHelper.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceCUDA.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/KernelLauncher.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/KernelLauncher.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/KernelResource.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/KernelResource.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/OpenCLAlteraPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/OpenCLAlteraPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/OpenCLPlugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/OpenCLPlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/Precision.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterface.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/JNI/beagle_BeagleJNIWrapper.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/JNI/beagle_BeagleJNIWrapper.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/beagle.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/beagle.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/benchmark/BeagleBenchmark.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/benchmark/BeagleBenchmark.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/benchmark/linalg.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/benchmark/linalg.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/platform.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/BeaglePlugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/LibtoolSharedLibrary.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/Plugin.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/Plugin.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/SharedLibrary.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/UnixSharedLibrary.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/UnixSharedLibrary.h
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.cpp
Examining data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h
FINAL RESULTS:

data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:662:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(r,name);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:793:25: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define PyOS_snprintf _snprintf
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:795:25: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define PyOS_snprintf snprintf
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:812:9: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  res = vsnprintf(buf, sizeof(buf), fmt, ap);
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:45:33: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, \
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1046:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(deviceName, mpCountStr); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1055:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(deviceName, param_value); data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:100:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(42); // fix the random seed... data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:83:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h:60:16: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. m_handle = LoadLibrary(libname.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:859:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). niters = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:870:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rsrc_number = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:879:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). like_root_node = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:886:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int noption = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:909:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). calculate_derivatives = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:347:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
*stateCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:350:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *ntaxa = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:353:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *nsites = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:356:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *rateCategoryCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:613:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char hex[17] = "0123456789abcdef"; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:765:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(newstr, cstr, len+1); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:809:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[SWIG_PYBUFFER_SIZE * 2]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:1493:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[SWIG_BUFFER_SIZE]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:1860:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[SWIG_BUFFER_SIZE]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:1874:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[SWIG_BUFFER_SIZE]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:1885:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char result[SWIG_BUFFER_SIZE]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:2015:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pack, ptr, size); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:2033:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, sobj->pack, size); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:2573:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mesg[256]; data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:2710:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return (int *)memcpy((int *)malloc(sizeof(int)),&value,sizeof(int)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:2886:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. return (double *)memcpy((double *)malloc(sizeof(double)),&value,sizeof(double)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3045:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3649:42: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. arg1->resourceName = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3710:38: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. arg1->implName = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3771:45: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. arg1->implDescription = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3925:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. arg1->name = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3986:41: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. arg1->description = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6097:53: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
resultobj = SWIG_NewPointerObj((BeagleOperation *)memcpy((BeagleOperation *)malloc(sizeof(BeagleOperation)),&result,sizeof(BeagleOperation)), SWIGTYPE_p_BeagleOperation, SWIG_POINTER_OWN | 0 ); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:803:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*teigvecs, *eigvecs, stateCount*stateCount*sizeof(double)); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2216:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *stateCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2219:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *ntaxa = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2222:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *nsites = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2225:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *rateCategoryCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2237:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *nreps = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2240:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *compactTipCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2243:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *randomSeed = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2246:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
*rescaleFrequency = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2249:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *eigenCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2252:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *partitions = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/examples/synthetictest/synthetictest.cpp:2255:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *threadCount = (unsigned)atoi(option.c_str()); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp:698:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gCategoryRates[categoryRatesIndex], inCategoryRates, sizeof(double) * kCategoryCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp:712:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(gCategoryRates[categoryRatesIndex], inCategoryRates, sizeof(double) * kCategoryCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp:719:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gPatternWeights, inPatternWeights, sizeof(double) * kPatternCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp:810:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gPatternPartitions, inPatternPartitions, sizeof(int) * kPatternCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/BeagleCPUImpl.hpp:2046:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gScaleBuffers[destScalingIndex],gScaleBuffers[srcScalingIndex],sizeof(REALTYPE) * kPatternCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/CPU/Precision.h:27:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( to, from, length*sizeof(F) ); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.hpp:904:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hPartialsCache + i * partialsLength, hPartialsCache, partialsLength * sizeof(Real)); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.hpp:1161:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(hCategoryRates[0], categoryRates, sizeof(double) * kCategoryCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.hpp:1188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hCategoryRates[categoryRatesIndex], categoryRates, sizeof(double) * kCategoryCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/BeagleGPUImpl.hpp:1262:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hPatternPartitions, inPatternPartitions, sizeof(int) * kPatternCount); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceCUDA.cpp:911:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(deviceDescription, data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:143:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param_value[param_size]; data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:365:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(file_name, "rb"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buildDefs[1024] = "-w -D FW_OPENCL -D OPENCL_KERNEL_BUILD "; data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:406:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D DLS_MACOS "); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:408:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-profiling -s \"C:\\developer\\beagle-lib\\project\\beagle-vs-2012\\x64\\Release\\kernels.cl\" "); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:415:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D FW_OPENCL_CPU"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:417:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D FW_OPENCL_CPU -D FW_OPENCL_APPLECPU"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:419:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D FW_OPENCL_AMDGPU"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:421:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D FW_OPENCL_AMDGPU -D FW_OPENCL_APPLEAMDGPU"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:423:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buildDefs, "-D FW_OPENCL_INTELGPU -D FW_OPENCL_APPLEINTELGPU"); data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:429:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[16384]; data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:847:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param_value[param_size]; data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:880:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char param_value[param_size];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1043:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char mpCountStr[12];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1044:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(mpCountStr, "%d", mpCount);
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1045:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(deviceName, " (");
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1047:17: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    (mpCount==1?strcat(deviceName, " compute unit)"):strcat(deviceName, " compute units)"));
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1047:54: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    (mpCount==1?strcat(deviceName, " compute unit)"):strcat(deviceName, " compute units)"));
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1051:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char param_value[param_size];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1054:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(deviceName, " (");
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1091:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(deviceDescription,
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1157:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char device_string[param_size];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1158:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char platform_string[param_size];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/Precision.h:21:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy( to, from, length*sizeof(F) );
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/benchmark/BeagleBenchmark.cpp:357:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(*teigvecs, *eigvecs, stateCount*stateCount*sizeof(double));
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h:64:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[255];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h:65:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(buffer,"Open Library Failure");
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h:75:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[255];
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/plugin/WinSharedLibrary.h:86:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[255];
data/libhmsbeagle-3.1.2+dfsg/examples/complextest/complextest.cpp:27:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/complextest/complextest.cpp:53:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/complextest/complextest.cpp:105:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int nPatterns = strlen(human);
data/libhmsbeagle-3.1.2+dfsg/examples/complextest/complextest.cpp:308:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    getchar();
data/libhmsbeagle-3.1.2+dfsg/examples/fourtaxon/fourtaxon.cpp:1025:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    getchar();
data/libhmsbeagle-3.1.2+dfsg/examples/matrixtest/matrixtest.cpp:27:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/matrixtest/matrixtest.cpp:53:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/matrixtest/matrixtest.cpp:160:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int nPatterns = strlen(human);
data/libhmsbeagle-3.1.2+dfsg/examples/matrixtest/matrixtest.cpp:389:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    getchar();
data/libhmsbeagle-3.1.2+dfsg/examples/oddstatetest/oddstatetest.cpp:451:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    getchar();
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:366:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char* te = tb + strlen(tb);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:385:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char* te = tb + strlen(tb);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:661:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(name) + 1 > (bsz - (r - buff))) return 0;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:682:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t lname = (name ? strlen(name) : 0);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:687:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(r,name,lname+1);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:846:91: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    # define PyString_AsStringAndSize(obj, s, len) {*s = PyString_AsString(obj); *len = *s ? strlen(*s) : 0;}
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3070:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3107:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0));
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3648:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen((const char *)(arg2)) + 1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3709:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen((const char *)(arg2)) + 1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3770:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen((const char *)(arg2)) + 1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3924:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen((const char *)(arg2)) + 1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:3985:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen((const char *)(arg2)) + 1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6740:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t size = strlen(name)+1;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6743:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(gv->name,name,size);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6805:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strlen(const_table[j].name)) == 0) {
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6814:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t lptr = strlen(ty->name)+2*sizeof(void*)+2;
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6820:15: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
    strncpy(buff, methods[i].ml_doc, ldoc);
data/libhmsbeagle-3.1.2+dfsg/examples/swig_python/beagle_wrap.c:6822:15: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
    strncpy(buff, "swig_ptr: ", 10);
data/libhmsbeagle-3.1.2+dfsg/examples/tinytest/tinytest.cpp:24:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/tinytest/tinytest.cpp:50:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int n = strlen(sequence);
data/libhmsbeagle-3.1.2+dfsg/examples/tinytest/tinytest.cpp:142:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int nPatterns = strlen(human);
data/libhmsbeagle-3.1.2+dfsg/examples/tinytest/tinytest.cpp:357:5: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    getchar();
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1056:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
    strcat(deviceName, ")");
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1167:44: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!strncmp("Intel", platform_string, strlen("Intel"))) {
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1174:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (!strncmp("AMD", platform_string, strlen("AMD"))) {
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1179:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (!strncmp("Apple", platform_string, strlen("Apple"))) {
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1182:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (!strncmp("AMD", device_string, strlen("AMD")) &&
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1185:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (!strncmp("Intel", device_string, strlen("Intel")) &&
data/libhmsbeagle-3.1.2+dfsg/libhmsbeagle/GPU/GPUInterfaceOpenCL.cpp:1188:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
    } else if (!strncmp("NVIDIA", platform_string, strlen("NVIDIA"))) {

ANALYSIS SUMMARY:

Hits = 130
Lines analyzed = 42779 in approximately 1.17 seconds (36660 lines/second)
Physical Source Lines of Code (SLOC) = 31020
Hits@level = [0] 611 [1] 40 [2] 80 [3] 3 [4] 7 [5] 0
Hits@level+ = [0+] 741 [1+] 130 [2+] 90 [3+] 10 [4+] 7 [5+] 0
Hits/KSLOC@level+ = [0+] 23.8878 [1+] 4.19084 [2+] 2.90135 [3+] 0.322373 [4+] 0.225661 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.