Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libpll-0.3.2/examples/heterotachy/heterotachy.c
Examining data/libpll-0.3.2/examples/lg4/lg4.c
Examining data/libpll-0.3.2/examples/load-utree/load-utree.c
Examining data/libpll-0.3.2/examples/newick-export/newick-export.c
Examining data/libpll-0.3.2/examples/newick-fasta-rooted/newick-fasta-rooted.c
Examining data/libpll-0.3.2/examples/newick-fasta-unrooted/newick-fasta-unrooted.c
Examining data/libpll-0.3.2/examples/newick-phylip-unrooted/newick-phylip-unrooted.c
Examining data/libpll-0.3.2/examples/newton/newton.c
Examining data/libpll-0.3.2/examples/parsimony/npr-pars.c
Examining data/libpll-0.3.2/examples/partial-traversal/partial.c
Examining data/libpll-0.3.2/examples/protein-list/protein-list.c
Examining data/libpll-0.3.2/examples/rooted-tacg/rooted-tacg.c
Examining data/libpll-0.3.2/examples/rooted/rooted.c
Examining data/libpll-0.3.2/examples/stepwise/stepwise.c
Examining data/libpll-0.3.2/examples/unrooted/unrooted.c
Examining data/libpll-0.3.2/src/compress.c
Examining data/libpll-0.3.2/src/core_derivatives.c
Examining data/libpll-0.3.2/src/core_derivatives_avx.c
Examining data/libpll-0.3.2/src/core_derivatives_avx2.c
Examining data/libpll-0.3.2/src/core_derivatives_sse.c
Examining data/libpll-0.3.2/src/core_likelihood.c
Examining data/libpll-0.3.2/src/core_likelihood_avx.c
Examining data/libpll-0.3.2/src/core_likelihood_avx2.c
Examining data/libpll-0.3.2/src/core_likelihood_sse.c
Examining data/libpll-0.3.2/src/core_partials.c
Examining data/libpll-0.3.2/src/core_partials_avx.c
Examining data/libpll-0.3.2/src/core_partials_avx2.c
Examining data/libpll-0.3.2/src/core_partials_sse.c
Examining data/libpll-0.3.2/src/core_pmatrix.c
Examining data/libpll-0.3.2/src/core_pmatrix_avx.c
Examining data/libpll-0.3.2/src/core_pmatrix_avx2.c
Examining data/libpll-0.3.2/src/core_pmatrix_sse.c
Examining data/libpll-0.3.2/src/derivatives.c
Examining data/libpll-0.3.2/src/fast_parsimony.c
Examining data/libpll-0.3.2/src/fast_parsimony_avx.c
Examining data/libpll-0.3.2/src/fast_parsimony_avx2.c
Examining data/libpll-0.3.2/src/fast_parsimony_sse.c
Examining data/libpll-0.3.2/src/fasta.c
Examining data/libpll-0.3.2/src/gamma.c
Examining data/libpll-0.3.2/src/hardware.c
Examining data/libpll-0.3.2/src/likelihood.c
Examining data/libpll-0.3.2/src/list.c
Examining data/libpll-0.3.2/src/maps.c
Examining data/libpll-0.3.2/src/models.c
Examining data/libpll-0.3.2/src/output.c
Examining data/libpll-0.3.2/src/parsimony.c
Examining data/libpll-0.3.2/src/partials.c
Examining data/libpll-0.3.2/src/phylip.c
Examining data/libpll-0.3.2/src/pll.c
Examining data/libpll-0.3.2/src/pll.h
Examining data/libpll-0.3.2/src/random.c
Examining data/libpll-0.3.2/src/rtree.c
Examining data/libpll-0.3.2/src/stepwise.c
Examining data/libpll-0.3.2/src/utree.c
Examining data/libpll-0.3.2/src/utree_moves.c
Examining data/libpll-0.3.2/src/utree_svg.c
Examining data/libpll-0.3.2/test/src/00010_NMDU_lkcalc.c
Examining data/libpll-0.3.2/test/src/00011_NMAU_lkcalc.c
Examining data/libpll-0.3.2/test/src/00012_NMOU_lkcalc.c
Examining data/libpll-0.3.2/test/src/00020_NMDR_lkcalc.c
Examining data/libpll-0.3.2/test/src/00021_NMAR_lkcalc.c
Examining data/libpll-0.3.2/test/src/00022_NMOR_lkcalc.c
Examining data/libpll-0.3.2/test/src/00030_NMDU_gamma.c
Examining data/libpll-0.3.2/test/src/00032_NMOU_gamma.c
Examining data/libpll-0.3.2/test/src/00110_NPDN_fasta.c
Examining data/libpll-0.3.2/test/src/00120_NPAN_fasta.c
Examining data/libpll-0.3.2/test/src/alpha-cats.c
Examining data/libpll-0.3.2/test/src/asc-bias.c
Examining data/libpll-0.3.2/test/src/common.c
Examining data/libpll-0.3.2/test/src/common.h
Examining data/libpll-0.3.2/test/src/derivatives-oddstates.c
Examining data/libpll-0.3.2/test/src/derivatives.c
Examining data/libpll-0.3.2/test/src/hky.c
Examining data/libpll-0.3.2/test/src/partial-traversal.c
Examining data/libpll-0.3.2/test/src/pmatrix.c
Examining data/libpll-0.3.2/test/src/protein-models.c
Examining data/libpll-0.3.2/test/src/rng.h
Examining data/libpll-0.3.2/test/src/rooted-tipinner.c
Examining data/libpll-0.3.2/test/src/rooted.c
Examining data/libpll-0.3.2/test/src/scaling.c

FINAL RESULTS:

data/libpll-0.3.2/examples/lg4/lg4.c:46:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/lg4/lg4.c:79:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/load-utree/load-utree.c:31:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/newick-export/newick-export.c:32:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/newick-fasta-rooted/newick-fasta-rooted.c:46:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/newick-fasta-rooted/newick-fasta-rooted.c:69:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/newick-fasta-unrooted/newick-fasta-unrooted.c:46:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/newick-fasta-unrooted/newick-fasta-unrooted.c:79:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/newick-phylip-unrooted/newick-phylip-unrooted.c:53:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/newick-phylip-unrooted/newick-phylip-unrooted.c:86:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/parsimony/npr-pars.c:46:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/parsimony/npr-pars.c:59:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/partial-traversal/partial.c:52:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/partial-traversal/partial.c:130:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/protein-list/protein-list.c:47:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/protein-list/protein-list.c:149:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/examples/stepwise/stepwise.c:35:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/src/stepwise.c:45:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/src/utree.c:51:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/src/utree.c:555:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_node->label,node->label);
data/libpll-0.3.2/test/src/00030_NMDU_gamma.c:64:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(prefix, gamma_mode == PLL_GAMMA_RATES_MEDIAN ? "MEDIAN" : "MEAN");
data/libpll-0.3.2/test/src/common.c:210:23:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__((format(printf, 1, 2)))
data/libpll-0.3.2/test/src/common.c:215:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/libpll-0.3.2/test/src/common.c:235:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  return strcpy(p,s);
data/libpll-0.3.2/examples/load-utree/load-utree.c:75:16:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  long int r = random() % utree->inner_count;
data/libpll-0.3.2/examples/newick-export/newick-export.c:133:3:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(time(NULL));
data/libpll-0.3.2/examples/newick-export/newick-export.c:150:21:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  data->support = random() / (double)RAND_MAX;
data/libpll-0.3.2/examples/newick-export/newick-export.c:165:21:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  data->support = random() / (double)RAND_MAX;
data/libpll-0.3.2/examples/newick-export/newick-export.c:166:36:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  data->rvalue = data->support * random();
data/libpll-0.3.2/examples/newick-export/newick-export.c:170:16:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  long int r = random() % utree->inner_count;
data/libpll-0.3.2/examples/partial-traversal/partial.c:362:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((unsigned int)time(NULL));
data/libpll-0.3.2/examples/stepwise/stepwise.c:206:16:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  long int r = random() % tree->inner_count;
data/libpll-0.3.2/examples/partial-traversal/partial.c:347:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inner_nodes_list,
data/libpll-0.3.2/examples/protein-list/protein-list.c:96:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char * protein_models_names_list[PROT_MODELS_COUNT] =
data/libpll-0.3.2/examples/stepwise/stepwise.c:85:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned int states = atoi(argv[4]);
data/libpll-0.3.2/examples/stepwise/stepwise.c:113:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tmpheaders,headers,(max_alloc-100)*sizeof(char *));
data/libpll-0.3.2/examples/stepwise/stepwise.c:114:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tmpseqdata,seqdata,(max_alloc-100)*sizeof(char *));
data/libpll-0.3.2/examples/stepwise/stepwise.c:202:81:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pll_utree_t * tree = pll_fastparsimony_stepwise(&parsimony, headers, &score,1,atoi(argv[2]));
data/libpll-0.3.2/src/compress.c:90:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(oldmap, map, PLL_ASCII_SIZE * sizeof(unsigned int));
data/libpll-0.3.2/src/compress.c:148:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char charmap[PLL_ASCII_SIZE];
data/libpll-0.3.2/src/compress.c:149:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char inv_charmap[PLL_ASCII_SIZE];
data/libpll-0.3.2/src/core_partials.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials.c:42:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials.c:44:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, right_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials.c:76:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_clv, offset, span*sizeof(double));
data/libpll-0.3.2/src/core_partials.c:196:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_clv, offset, span*sizeof(double));
data/libpll-0.3.2/src/core_partials_avx.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_avx.c:42:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_avx.c:44:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, right_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_avx.c:575:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_clv, offset, span_padded*sizeof(double));
data/libpll-0.3.2/src/core_partials_avx2.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_avx2.c:42:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_avx2.c:44:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, right_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_sse.c:35:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_sse.c:42:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, left_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_sse.c:44:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_scaler, right_scaler, sizeof(unsigned int) * scaler_size);
data/libpll-0.3.2/src/core_partials_sse.c:429:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_clv, offset, span_padded*sizeof(double));
data/libpll-0.3.2/src/core_partials_sse.c:463:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(parent_clv, offset, span*sizeof(double));
data/libpll-0.3.2/src/fasta.c:60:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd->fp = fopen(filename, "r");
data/libpll-0.3.2/src/fasta.c:195:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*head, fd->line + 1, (size_t)headerlen);
data/libpll-0.3.2/src/models.c:196:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(params_normalized,params,params_count*sizeof(double));
data/libpll-0.3.2/src/models.c:295:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(eigenvecs + i*states_padded, a[i], states*sizeof(double));
data/libpll-0.3.2/src/models.c:298:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(eigenvals, d, states*sizeof(double));
data/libpll-0.3.2/src/models.c:370:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->frequencies[freqs_index],
data/libpll-0.3.2/src/models.c:379:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->rates, rates, partition->rate_cats*sizeof(double));
data/libpll-0.3.2/src/models.c:385:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->rate_weights, rate_weights,
data/libpll-0.3.2/src/models.c:395:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->subst_params[params_index],
data/libpll-0.3.2/src/parsimony.c:149:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pars->score_matrix, score_matrix, states*states*sizeof(double));
data/libpll-0.3.2/src/phylip.c:109:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp,fd->line,fd->line_size*sizeof(char));
data/libpll-0.3.2/src/phylip.c:132:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fd->line+fd->line_size,fd->buffer,len*sizeof(char));
data/libpll-0.3.2/src/phylip.c:303:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd->fp = fopen(filename, "r");
data/libpll-0.3.2/src/phylip.c:475:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(msa->label[seqno], p, (size_t)headerlen);
data/libpll-0.3.2/src/phylip.c:655:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(msa->label[seqno], p, (size_t)headerlen);
data/libpll-0.3.2/src/pll.c:25:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  __thread char pll_errmsg[200] = {0};
data/libpll-0.3.2/src/pll.c:142:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mapcopy, map, PLL_ASCII_SIZE * sizeof(unsigned int));
data/libpll-0.3.2/src/pll.c:284:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(map, usermap, PLL_ASCII_SIZE * sizeof(unsigned int));
data/libpll-0.3.2/src/pll.c:936:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tipclv, tipclv - partition->states_padded,
data/libpll-0.3.2/src/pll.c:956:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tipclv, tipclv - partition->states_padded,
data/libpll-0.3.2/src/pll.c:1022:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tipclv, clv, partition->states*sizeof(double));
data/libpll-0.3.2/src/pll.c:1051:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->pattern_weights,
data/libpll-0.3.2/src/pll.c:1113:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(partition->pattern_weights + partition->sites,
data/libpll-0.3.2/src/pll.h:285:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[PLL_LINEALLOC];
data/libpll-0.3.2/src/pll.h:301:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[PLL_LINEALLOC];
data/libpll-0.3.2/src/pll.h:471:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  PLL_EXPORT extern __thread char pll_errmsg[200];
data/libpll-0.3.2/src/utree.c:550:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_node, node, sizeof(pll_unode_t));
data/libpll-0.3.2/src/utree.c:561:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_node->next, node->next, sizeof(pll_unode_t));
data/libpll-0.3.2/src/utree.c:564:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_node->next->next, node->next->next, sizeof(pll_unode_t));
data/libpll-0.3.2/src/utree_svg.c:418:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE * fp = fopen(filename, "w");
data/libpll-0.3.2/test/src/00030_NMDU_gamma.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prefix[10];
data/libpll-0.3.2/test/src/partial-traversal.c:265:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inner_nodes_list,
data/libpll-0.3.2/test/src/protein-models.c:59:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char * prot_model_names[N_PROT_MODELS] =
data/libpll-0.3.2/test/src/rooted-tipinner.c:205:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inner_nodes_list,
data/libpll-0.3.2/test/src/rooted.c:206:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inner_nodes_list,
data/libpll-0.3.2/examples/lg4/lg4.c:44:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/newick-fasta-rooted/newick-fasta-rooted.c:44:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/newick-fasta-unrooted/newick-fasta-unrooted.c:44:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/newick-phylip-unrooted/newick-phylip-unrooted.c:51:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/parsimony/npr-pars.c:44:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/partial-traversal/partial.c:50:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/protein-list/protein-list.c:45:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/examples/rooted-tacg/rooted-tacg.c:32:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(seq);
data/libpll-0.3.2/src/fasta.c:37:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (char *)s + strlen(s);
data/libpll-0.3.2/src/phylip.c:96:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (char *)s + strlen(s);
data/libpll-0.3.2/src/phylip.c:126:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(fd->buffer);
data/libpll-0.3.2/src/rtree.c:139:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_alloced = strlen(newick);
data/libpll-0.3.2/src/rtree.c:204:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_alloced = strlen(newick);
data/libpll-0.3.2/src/stepwise.c:37:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/src/utree.c:43:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/src/utree.c:160:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_alloced = strlen(newick);
data/libpll-0.3.2/src/utree.c:554:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_node->label = (char *)malloc(strlen(node->label)+1);
data/libpll-0.3.2/src/utree_svg.c:274:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (tree->nodes[i]->label ? strlen(tree->nodes[i]->label) : 0);
data/libpll-0.3.2/test/src/common.c:233:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/libpll-0.3.2/test/src/scaling.c:168:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(alphabet);

ANALYSIS SUMMARY:

Hits = 113
Lines analyzed = 36526 in approximately 1.05 seconds (34821 lines/second)
Physical Source Lines of Code (SLOC) = 25968
Hits@level = [0] 785 [1] 20 [2] 61 [3] 8 [4] 24 [5] 0
Hits@level+ = [0+] 898 [1+] 113 [2+] 93 [3+] 32 [4+] 24 [5+] 0
Hits/KSLOC@level+ = [0+] 34.581 [1+] 4.35151 [2+] 3.58133 [3+] 1.23229 [4+] 0.924214 [5+] 0
Symlinks skipped = 1 (--allowlink overrides but see doc for security issue)
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.