Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp
Examining data/maffilter-1.3.1+dfsg/MafFilter/OutputAsFeaturesMafIterator.cpp
Examining data/maffilter-1.3.1+dfsg/MafFilter/OutputAsFeaturesMafIterator.h
Examining data/maffilter-1.3.1+dfsg/MafFilter/SystemCallMafIterator.cpp
Examining data/maffilter-1.3.1+dfsg/MafFilter/SystemCallMafIterator.h
Examining data/maffilter-1.3.1+dfsg/MafFilter/TreeBuildingSystemCallMafIterator.cpp
Examining data/maffilter-1.3.1+dfsg/MafFilter/TreeBuildingSystemCallMafIterator.h

FINAL RESULTS:

data/maffilter-1.3.1+dfsg/MafFilter/SystemCallMafIterator.cpp:62:12: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  int rc = system(call_.c_str());
data/maffilter-1.3.1+dfsg/MafFilter/TreeBuildingSystemCallMafIterator.cpp:67:12: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  int rc = system(call_.c_str());
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:203:43: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ISequenceStream* seqStream = reader.read(inputFormat);
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1221:59: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  unique_ptr<SubstitutionModel> model(modelReader.read(&AlphabetTools::DNA_ALPHABET, modelDesc, 0, true));
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1223:62: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  unique_ptr<DiscreteDistribution> rdist(rdistReader.read(rdistDesc, true));
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1300:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  OAlignment* alnWriter(bppoWriter.read(programInputFormat));
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1305:38: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ITree* treeReader(bppoReader.read(programOutputFormat));
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1410:39: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  OAlignment* oAln = bppoWriter.read(description);
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1851:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  OAlignment* alnWriter(bppoWriter.read(programInputFormat));
data/maffilter-1.3.1+dfsg/MafFilter/MafFilter.cpp:1856:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  IAlignment* alnReader(bppoReader.read(programOutputFormat));
data/maffilter-1.3.1+dfsg/MafFilter/TreeBuildingSystemCallMafIterator.cpp:71:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  unique_ptr< Tree > result(treeReader_->read(outputFile_));

ANALYSIS SUMMARY:

Hits = 11
Lines analyzed = 2468 in approximately 0.09 seconds (26146 lines/second)
Physical Source Lines of Code (SLOC) = 1712
Hits@level = [0] 0 [1] 9 [2] 0 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 11 [1+] 11 [2+] 2 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 6.42523 [1+] 6.42523 [2+] 1.16822 [3+] 1.16822 [4+] 1.16822 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.