Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/minimac4-1.0.2/src/Analysis.cpp Examining data/minimac4-1.0.2/src/Analysis.h Examining data/minimac4-1.0.2/src/AnalysisChunks.cpp Examining data/minimac4-1.0.2/src/DosageData.cpp Examining data/minimac4-1.0.2/src/DosageData.h Examining data/minimac4-1.0.2/src/Estimation.cpp Examining data/minimac4-1.0.2/src/Estimation.h Examining data/minimac4-1.0.2/src/HaplotypeSet.h Examining data/minimac4-1.0.2/src/Imputation.cpp Examining data/minimac4-1.0.2/src/Imputation.h Examining data/minimac4-1.0.2/src/ImputationStatistics.cpp Examining data/minimac4-1.0.2/src/ImputationStatistics.h Examining data/minimac4-1.0.2/src/Main.cpp Examining data/minimac4-1.0.2/src/MarkovModel.cpp Examining data/minimac4-1.0.2/src/MarkovModel.h Examining data/minimac4-1.0.2/src/MarkovParameters.h Examining data/minimac4-1.0.2/src/MyVariables.h Examining data/minimac4-1.0.2/src/Unique.cpp Examining data/minimac4-1.0.2/src/Unique.h Examining data/minimac4-1.0.2/src/HaplotypeSet.cpp Examining data/minimac4-1.0.2/src/MarkovParameters.cpp FINAL RESULTS: data/minimac4-1.0.2/src/Analysis.cpp:252:40: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "%s\t%s\t%s\t%.5f\t%.5f\t%.5f\t%.5f\t", data/minimac4-1.0.2/src/Analysis.cpp:285:44: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "%s\t%s\t%s\t%.5f\t%.5f\t-\t-\tTyped_Only\t-\t-\t-\t-\t-\n", data/minimac4-1.0.2/src/Analysis.cpp:352:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Analysis.cpp:364:47: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/Analysis.cpp:445:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Analysis.cpp:466:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\t%s",MyAllVariables->myOutFormat.formatStringForVCF.c_str()); data/minimac4-1.0.2/src/Analysis.cpp:471:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/Analysis.cpp:488:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Analysis.cpp:500:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\t%s",MyAllVariables->myOutFormat.formatStringForVCF.c_str()); data/minimac4-1.0.2/src/Analysis.cpp:505:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/Estimation.cpp:144:40: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "%s\t%s\t%s\t%.5f\t%.5f\t%.5f\t%.5f\t", data/minimac4-1.0.2/src/Estimation.cpp:177:40: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "%s\t%s\t%s\t%.5f\t%.5f\t-\t-\tTyped_Only\t-\t-\t-\t-\t-\n", data/minimac4-1.0.2/src/Estimation.cpp:240:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Estimation.cpp:252:47: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/Estimation.cpp:330:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Estimation.cpp:351:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\t%s",MyAllVariables->myOutFormat.formatStringForVCF.c_str()); data/minimac4-1.0.2/src/Estimation.cpp:356:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/Estimation.cpp:373:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s\t%d\t%s\t%s\t%s\t.\tPASS", data/minimac4-1.0.2/src/Estimation.cpp:385:39: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\t%s",MyAllVariables->myOutFormat.formatStringForVCF.c_str()); data/minimac4-1.0.2/src/Estimation.cpp:390:43: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"%s",line.c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1491:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). std::strcpy(temp,tempString.c_str()); data/minimac4-1.0.2/src/MyVariables.h:190:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(MyCommandLine,argv[0]); data/minimac4-1.0.2/src/MyVariables.h:195:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(MyCommandLine, argv[i]); data/minimac4-1.0.2/src/Analysis.cpp:263:44: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "Genotyped\t%.3f\t%.3f\t%.5f\t%.5f\t%.5f\n", data/minimac4-1.0.2/src/Analysis.cpp:268:41: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "Imputed\t-\t-\t-\t-\t-\n"); data/minimac4-1.0.2/src/Analysis.cpp:358:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tTYPED\tGT:LDS"); data/minimac4-1.0.2/src/Analysis.cpp:456:39: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tAF=%.5f;MAF=%.5f;R2=%.5f", data/minimac4-1.0.2/src/Analysis.cpp:461:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,";ER2=%.5f;TYPED",stats.EmpiricalRsq(i)); data/minimac4-1.0.2/src/Analysis.cpp:463:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,";IMPUTED"); data/minimac4-1.0.2/src/Analysis.cpp:497:39: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tAF=%.5f;MAF=%.5f;TYPED_ONLY", data/minimac4-1.0.2/src/Analysis.cpp:1497:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TarFileStream.open(Tarfilename, header); data/minimac4-1.0.2/src/DosageData.cpp:108:36: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0|0"); data/minimac4-1.0.2/src/DosageData.cpp:111:36: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0/0"); data/minimac4-1.0.2/src/DosageData.cpp:128:32: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0,0"); data/minimac4-1.0.2/src/DosageData.cpp:137:32: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"1,0,0"); data/minimac4-1.0.2/src/DosageData.cpp:154:32: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%d|%d",(x>0.5),(y>0.5)); data/minimac4-1.0.2/src/DosageData.cpp:161:36: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0/1"); data/minimac4-1.0.2/src/DosageData.cpp:163:36: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"1/1"); data/minimac4-1.0.2/src/DosageData.cpp:165:36: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0/0"); data/minimac4-1.0.2/src/DosageData.cpp:174:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f",x+ y); data/minimac4-1.0.2/src/DosageData.cpp:182:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f,%.3f",x , y); data/minimac4-1.0.2/src/DosageData.cpp:191:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f,%.3f,%.3f",(1-x)*(1-y),x*(1-y)+y*(1-x),x*y); data/minimac4-1.0.2/src/DosageData.cpp:198:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f", x*(1-x) + y*(1-y)); data/minimac4-1.0.2/src/DosageData.cpp:241:32: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"1,0"); data/minimac4-1.0.2/src/DosageData.cpp:258:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%d",(x>0.5)); data/minimac4-1.0.2/src/DosageData.cpp:266:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f",x); data/minimac4-1.0.2/src/DosageData.cpp:274:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f",x ); data/minimac4-1.0.2/src/DosageData.cpp:283:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f,%.3f",1-x,x); data/minimac4-1.0.2/src/DosageData.cpp:290:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"%.3f", x*(1-x)); data/minimac4-1.0.2/src/DosageData.cpp:298:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"%c|%c",a,b); data/minimac4-1.0.2/src/DosageData.cpp:300:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"%.3f|%.3f",x , y); data/minimac4-1.0.2/src/DosageData.cpp:307:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"%c",a); data/minimac4-1.0.2/src/DosageData.cpp:309:27: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"%.3f",x); data/minimac4-1.0.2/src/DosageData.cpp:345:44: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"\t.|.:.|."); data/minimac4-1.0.2/src/DosageData.cpp:359:44: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"\t.:."); data/minimac4-1.0.2/src/Estimation.cpp:155:44: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "Genotyped\t%.3f\t%.3f\t%.5f\t%.5f\t%.5f\n", data/minimac4-1.0.2/src/Estimation.cpp:160:44: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. InfoPrintStringLength+=sprintf(InfoPrintStringPointer+InfoPrintStringLength , "Imputed\t-\t-\t-\t-\t-\n"); data/minimac4-1.0.2/src/Estimation.cpp:246:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tTYPED\tGT:LDS"); data/minimac4-1.0.2/src/Estimation.cpp:341:39: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tAF=%.5f;MAF=%.5f;R2=%.5f", data/minimac4-1.0.2/src/Estimation.cpp:346:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,";ER2=%.5f;TYPED",stats.EmpiricalRsq(i)); data/minimac4-1.0.2/src/Estimation.cpp:348:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,";IMPUTED"); data/minimac4-1.0.2/src/Estimation.cpp:382:39: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\tAF=%.5f;MAF=%.5f;TYPED_ONLY", data/minimac4-1.0.2/src/Estimation.cpp:1144:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TarFileStream.open(Tarfilename, header); data/minimac4-1.0.2/src/HaplotypeSet.cpp:474:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tempVariant.assignValues(currID,rsID,BlockPiecesforVarInfo[0],atoi(BlockPiecesforVarInfo[1].c_str())); data/minimac4-1.0.2/src/HaplotypeSet.cpp:563:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempval = atoi(BlockPieces[index + 9].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:579:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempval = atoi(HaploPieces[0].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:583:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tempval = atoi(HaploPieces[1].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:589:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempval = atoi(BlockPieces[index + 9].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:630:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). AlternateAlleles.push_back(prevVal+atoi(word.c_str())); data/minimac4-1.0.2/src/HaplotypeSet.cpp:645:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). AlternateAlleles.push_back(prevVal+atoi(word.c_str())); data/minimac4-1.0.2/src/HaplotypeSet.cpp:800:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inFile.open(VCFFileName, header); data/minimac4-1.0.2/src/HaplotypeSet.cpp:967:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inFile.open(VCFFileName, header); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1218:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). NoBlocks=atoi(headerTag[1].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1490:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[tempString.length() + 1]; data/minimac4-1.0.2/src/HaplotypeSet.cpp:1589:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). NoBlocks=atoi(pch); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1594:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numHaplotypes=atoi(pch); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1599:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). InitialNMarkers=atoi(pch); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1690:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempStartBlock=atoi(pch1); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1693:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempEndBlock=atoi(pch1); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1744:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tempVarCount=atoi(pch3); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1750:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tempRepCount=atoi(pch3); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1782:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempval=atoi(pch); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1820:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tempPos=atoi(pch3); data/minimac4-1.0.2/src/HaplotypeSet.cpp:2259:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempStartBlock=atoi(PosTokens[0].c_str()); data/minimac4-1.0.2/src/HaplotypeSet.cpp:2260:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int tempEndBlock=atoi(PosTokens[1].c_str()); data/minimac4-1.0.2/src/MyVariables.h:189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char MyCommandLine[len]; data/minimac4-1.0.2/src/Analysis.cpp:367:43: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/Analysis.cpp:474:40: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/Analysis.cpp:508:39: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/DosageData.cpp:100:24: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"\t"); data/minimac4-1.0.2/src/DosageData.cpp:119:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:120:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:127:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:135:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:142:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:144:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:173:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:181:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:189:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:196:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:210:24: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"\t"); data/minimac4-1.0.2/src/DosageData.cpp:216:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:223:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:224:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:231:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:232:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:239:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:246:36: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:248:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"0"); data/minimac4-1.0.2/src/DosageData.cpp:265:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:273:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:281:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:288:32: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:297:27: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"\t"); data/minimac4-1.0.2/src/DosageData.cpp:299:27: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:306:27: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"\t"); data/minimac4-1.0.2/src/DosageData.cpp:308:27: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,":"); data/minimac4-1.0.2/src/DosageData.cpp:373:24: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"\n"); data/minimac4-1.0.2/src/DosageData.cpp:375:31: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintEmpStringLength+=sprintf(PrintEmpStringPointer+PrintEmpStringLength,"\n"); data/minimac4-1.0.2/src/DosageData.cpp:423:24: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. PrintStringLength+=sprintf(PrintStringPointer+PrintStringLength,"\n"); data/minimac4-1.0.2/src/Estimation.cpp:255:43: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/Estimation.cpp:359:39: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/Estimation.cpp:393:39: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. VcfPrintStringLength+=sprintf(VcfPrintStringPointer + VcfPrintStringLength,"\n"); data/minimac4-1.0.2/src/HaplotypeSet.cpp:1952:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(refAllele.c_str()) == 1 data/minimac4-1.0.2/src/HaplotypeSet.cpp:1953:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(altAllele.c_str()) == 1) data/minimac4-1.0.2/src/HaplotypeSet.cpp:1999:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refAllele.c_str())<strlen(altAllele.c_str())) data/minimac4-1.0.2/src/HaplotypeSet.cpp:1999:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refAllele.c_str())<strlen(altAllele.c_str())) data/minimac4-1.0.2/src/MarkovModel.cpp:1321:27: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. background = (match + mismatch) * backgroundError; data/minimac4-1.0.2/src/MarkovModel.cpp:1322:25: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. mismatch = (match + mismatch) * e *freq; data/minimac4-1.0.2/src/MarkovModel.cpp:1325:12: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return mismatch / (mismatch + match + background); data/minimac4-1.0.2/src/MyVariables.h:185:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(argv[i]) + 1; data/minimac4-1.0.2/src/MyVariables.h:194:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(MyCommandLine, " "); data/minimac4-1.0.2/src/MyVariables.h:587:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(argv[0]); ANALYSIS SUMMARY: Hits = 133 Lines analyzed = 12920 in approximately 0.31 seconds (41140 lines/second) Physical Source Lines of Code (SLOC) = 8780 Hits@level = [0] 63 [1] 47 [2] 63 [3] 0 [4] 23 [5] 0 Hits@level+ = [0+] 196 [1+] 133 [2+] 86 [3+] 23 [4+] 23 [5+] 0 Hits/KSLOC@level+ = [0+] 22.3235 [1+] 15.1481 [2+] 9.79499 [3+] 2.61959 [4+] 2.61959 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.