Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mptp-0.2.4/src/aic.c
Examining data/mptp-0.2.4/src/arch.c
Examining data/mptp-0.2.4/src/auto.c
Examining data/mptp-0.2.4/src/dp.c
Examining data/mptp-0.2.4/src/fasta.c
Examining data/mptp-0.2.4/src/hash.c
Examining data/mptp-0.2.4/src/likelihood.c
Examining data/mptp-0.2.4/src/list.c
Examining data/mptp-0.2.4/src/maps.c
Examining data/mptp-0.2.4/src/mptp.c
Examining data/mptp-0.2.4/src/mptp.h
Examining data/mptp-0.2.4/src/multirun.c
Examining data/mptp-0.2.4/src/output.c
Examining data/mptp-0.2.4/src/random.c
Examining data/mptp-0.2.4/src/rtree.c
Examining data/mptp-0.2.4/src/svg.c
Examining data/mptp-0.2.4/src/svg_landscape.c
Examining data/mptp-0.2.4/src/util.c
Examining data/mptp-0.2.4/src/utree.c

FINAL RESULTS:

data/mptp-0.2.4/src/mptp.c:574:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(cmdline, argv[i]);
data/mptp-0.2.4/src/util.c:39:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, argptr);
data/mptp-0.2.4/src/util.c:134:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  return strcpy(p,s);
data/mptp-0.2.4/src/arch.c:129:7:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      srand(GetTickCount());
data/mptp-0.2.4/src/arch.c:137:7:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      srandom(seed);
data/mptp-0.2.4/src/arch.c:143:7:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      srand(seed);
data/mptp-0.2.4/src/arch.c:145:7:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
      srandom(seed);
data/mptp-0.2.4/src/arch.c:155:10:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  return random();
data/mptp-0.2.4/src/arch.c:131:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      int fd = open("/dev/urandom", O_RDONLY);
data/mptp-0.2.4/src/fasta.c:45:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fd->fp = fopen(filename, "r");
data/mptp-0.2.4/src/fasta.c:176:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(*head, fd->line + 1, (size_t)headerlen);
data/mptp-0.2.4/src/mptp.c:25:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char progheader[80];
data/mptp-0.2.4/src/mptp.c:29:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char errmsg[200] = {0};
data/mptp-0.2.4/src/mptp.c:217:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_width = atoi(optarg);
data/mptp-0.2.4/src/mptp.c:221:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_fontsize = atol(optarg);
data/mptp-0.2.4/src/mptp.c:225:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_tipspace = atol(optarg);
data/mptp-0.2.4/src/mptp.c:237:30:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_marginleft = atol(optarg);
data/mptp-0.2.4/src/mptp.c:241:31:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_marginright = atol(optarg);
data/mptp-0.2.4/src/mptp.c:245:29:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_margintop = atol(optarg);
data/mptp-0.2.4/src/mptp.c:249:32:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_marginbottom = atol(optarg);
data/mptp-0.2.4/src/mptp.c:253:32:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_svg_inner_radius = atol(optarg);
data/mptp-0.2.4/src/mptp.c:257:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_precision = atoi(optarg);
data/mptp-0.2.4/src/mptp.c:261:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_mcmc_sample = atol(optarg);
data/mptp-0.2.4/src/mptp.c:269:20:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_seed = atol(optarg);
data/mptp-0.2.4/src/mptp.c:277:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_mcmc_burnin = atol(optarg);
data/mptp-0.2.4/src/mptp.c:285:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_mcmc_runs = atol(optarg);
data/mptp-0.2.4/src/mptp.c:303:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        opt_mcmc_steps = atol(optarg);
data/mptp-0.2.4/src/mptp.h:201:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[LINEALLOC];
data/mptp-0.2.4/src/mptp.h:291:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern char errmsg[200];
data/mptp-0.2.4/src/rtree.c:416:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(clone,node,sizeof(rtree_t));
data/mptp-0.2.4/src/svg_landscape.c:25:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char line[LINEALLOC];
data/mptp-0.2.4/src/util.c:154:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE * out = fopen(filename, mode);
data/mptp-0.2.4/src/arch.c:134:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if (read(fd, & seed, sizeof(seed)) < 0)
data/mptp-0.2.4/src/mptp.c:567:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len += strlen(argv[i]);
data/mptp-0.2.4/src/mptp.c:575:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(cmdline, " ");
data/mptp-0.2.4/src/rtree.c:441:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(tipstring); ++i)
data/mptp-0.2.4/src/svg.c:304:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                (node_list[i]->label ? strlen(node_list[i]->label) : 0);
data/mptp-0.2.4/src/util.c:127:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return (char *)s + strlen(s);
data/mptp-0.2.4/src/util.c:132:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/mptp-0.2.4/src/util.c:140:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(p,s,len);
data/mptp-0.2.4/src/utree.c:474:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(tipstring); ++i)

ANALYSIS SUMMARY:

Hits = 41
Lines analyzed = 6573 in approximately 0.19 seconds (34847 lines/second)
Physical Source Lines of Code (SLOC) = 4465
Hits@level = [0] 153 [1]   9 [2]  24 [3]   5 [4]   3 [5]   0
Hits@level+ = [0+] 194 [1+]  41 [2+]  32 [3+]   8 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 43.449 [1+] 9.18253 [2+] 7.16685 [3+] 1.79171 [4+] 0.671892 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.