Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.h
Examining data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/compressor/compressor.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/find-unsupported-edges/findunsupportededges.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/nclsimplest/nclsimplest.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.h
Examining data/libncl-2.1.21+git20190531.feceb81/example/normalizer/converter.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.h
Examining data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.h
Examining data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsstructs.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsstructs.h
Examining data/libncl-2.1.21+git20190531.feceb81/example/subsetter/subsetter.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/html/v2.1/funcdocs/simpleNCLClient/simpleNCLClient.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/ncl.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsallocatematrix.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsassumptionsblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsassumptionsblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxscdiscretematrix.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxscharactersblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxscharactersblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxscxxdiscretematrix.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxscxxdiscretematrix.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdatablock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdatablock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdefs.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdiscretedatum.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdistancedatum.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdistancesblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsdistancesblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsexception.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsexception.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxspublicblocks.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxspublicblocks.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsreader.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsreader.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxssetreader.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxssetreader.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstaxaassociationblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstaxaassociationblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstaxablock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstaxablock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstoken.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstoken.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstreesblock.cpp
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxstreesblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsunalignedblock.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsutilcopy.h
Examining data/libncl-2.1.21+git20190531.feceb81/ncl/nxsunalignedblock.cpp

FINAL RESULTS:

data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:692:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(next_command, tmp.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1874:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(next_command, tmp.c_str());
data/libncl-2.1.21+git20190531.feceb81/ncl/nxscharactersblock.cpp:5236:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, sfo.c_str());
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:255:16: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # if !defined(vsnprintf)
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:256:12: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf_s
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:258:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  # define sprintf sprintf_s
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:260:16: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:293:17: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int nAdded = vsnprintf(buf, kInitialBufferSize, formatStr, argList);
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:199:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(fn, "r");
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:557:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str(), ios::out | ios::app);
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:567:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:584:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:884:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(next_command, "exe \'");
data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp:433:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:215:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/nclsimplest/nclsimplest.cpp:14:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inf.open(infname, ios::binary);
data/libncl-2.1.21+git20190531.feceb81/example/nclsimplest/nclsimplest.cpp:15:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outf.open(outfname);
data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp:261:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/converter.cpp:160:31: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outStream.open(filepath.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/converter.cpp:593:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outf.open(fn.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/converter.cpp:861:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  nexOut.open(fullName.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:500:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:770:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gCommonFileStream.open(dname.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:80:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:81:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmp, "%u", n);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:350:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(*ovec);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:353:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open()
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:356:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(atts);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:359:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(const std::vector<AttributeData> &atts)
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:433:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  XMLElement::open(v);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:466:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  XMLElement::open(v);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:831:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  format.open();
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:838:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  mat.open();
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:895:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  format.open();
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/us2ml.cpp:903:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  mat.open();
data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp:261:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:193:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  namesFile.open(fn.c_str(), std::ofstream::out|std::ios::binary);
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:363:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp:261:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:253:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:382:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[100];
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:383:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%.10f", state);
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:805:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(fn, "r");
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1159:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[100];
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1160:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%.10f", state);
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1736:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str(), ios::out | ios::app);
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1746:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1763:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  logf.open(logfname.c_str());
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:2052:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(next_command, "exe ");
data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp:189:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:255:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp:241:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[1024];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.cpp:1319:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inf.open(filepath, std::ios::binary);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxspublicblocks.cpp:689:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inf.open(fn.c_str());
data/libncl-2.1.21+git20190531.feceb81/ncl/nxspublicblocks.cpp:717:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tnf.open(fn);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsreader.cpp:105:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inf.open(filename, ios::binary);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:211:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:216:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%#3.6f", d);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:240:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:279:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[kInitialBufferSize];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:490:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmtstr[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:491:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmtstr, "%%.%df", p);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:443:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:467:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:468:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%d", i);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:502:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:503:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%u", i);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:514:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:515:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%ld", l);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:526:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[81];
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.h:527:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%lu", l);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxstoken.h:479:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char whitespace[4]; /* stores the 3 whitespace characters: blank space, tab and newline */
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsutilcopy.h:219:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return (OutIt) std::memcpy(resultP, first, ((std::size_t) (last - first)) * sizeof(*first));
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:664:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = (unsigned)strlen(next_command);
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:687:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (unsigned)strlen(next_command);
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:885:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(next_command, infile_name, 252);
data/libncl-2.1.21+git20190531.feceb81/example/basiccmdline/basiccmdline.cpp:886:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  Risk is low because the source is a constant character.
  strncat(next_command, "\'", 252);
data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp:437:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp:489:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp:490:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/check-taxo-nodes/checktaxonnodes.cpp:492:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/compressor/compressor.cpp:20:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[argi]) > 1 && argv[argi][0] == '-')
data/libncl-2.1.21+git20190531.feceb81/example/find-unsupported-edges/findunsupportededges.cpp:879:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/find-unsupported-edges/findunsupportededges.cpp:880:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/find-unsupported-edges/findunsupportededges.cpp:882:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:219:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:270:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:271:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:312:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:317:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'c')
data/libncl-2.1.21+git20190531.feceb81/example/gapcode/gapcode.cpp:321:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'd')
data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp:265:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp:335:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp:337:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 's')
data/libncl-2.1.21+git20190531.feceb81/example/ncltest/ncltest.cpp:346:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:504:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:646:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:885:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/normalizer/normalizer.cpp:888:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp:265:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp:295:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp:296:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/ot-subtree/otsubtree.cpp:298:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:367:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:424:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:425:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/ot-tree-inspect/ot_tree_inspect.cpp:430:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp:265:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp:317:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp:318:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/outdeg1count/outdeg1count.cpp:320:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:256:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:283:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:285:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 't') {
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:293:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'm')
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:295:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'n')
data/libncl-2.1.21+git20190531.feceb81/example/patristic/patristic.cpp:297:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1844:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = (unsigned)strlen(next_command);
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:1869:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (unsigned)strlen(next_command);
data/libncl-2.1.21+git20190531.feceb81/example/phylobaseinterface/NCLInterface.cpp:2053:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat(next_command, infile_name, 252);
data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp:193:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp:245:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp:246:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/polytomy-count/polytomy_count.cpp:248:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:259:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:319:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:320:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:322:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'r')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:324:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'v')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:326:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 't')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:328:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'p')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:330:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'o')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:332:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'e')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:336:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'd')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:340:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) == 2 && filepath[0] == '-' && filepath[1] == 'b')
data/libncl-2.1.21+git20190531.feceb81/example/splitsinfile/splitsinfile.cpp:415:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp:245:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filename) > 0 && filename[0] != '#')
data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp:305:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned slen = strlen(filepath);
data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp:306:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(filepath) > 1 && filepath[0] == '-' && filepath[1] == 'h')
data/libncl-2.1.21+git20190531.feceb81/example/translate/translateNuc.cpp:364:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen(filepath) > 2 && filepath[0] == '-' && filepath[1] == 'l')
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.cpp:248:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inf.read(buffer, inbuffer);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.cpp:272:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inf.read(buffer + offset, inbuffer);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsmultiformat.cpp:713:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned lenFirstWord = (unsigned const)strlen(firstWord);
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsreader.cpp:234:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bool emptyTitle = strlen(title) == 0;
data/libncl-2.1.21+git20190531.feceb81/ncl/nxsstring.cpp:217:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned tmplen = (unsigned)strlen(tmp);

ANALYSIS SUMMARY:

Hits = 145
Lines analyzed = 43872 in approximately 1.30 seconds (33760 lines/second)
Physical Source Lines of Code (SLOC) = 33500
Hits@level = [0] 0 [1] 72 [2] 65 [3] 0 [4] 8 [5] 0
Hits@level+ = [0+] 145 [1+] 145 [2+] 73 [3+] 8 [4+] 8 [5+] 0
Hits/KSLOC@level+ = [0+] 4.32836 [1+] 4.32836 [2+] 2.1791 [3+] 0.238806 [4+] 0.238806 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.