Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/nfft-3.4.0~rc2/3rdparty/cstripack/cstripack.c
Examining data/nfft-3.4.0~rc2/3rdparty/cstripack/cstripack.h
Examining data/nfft-3.4.0~rc2/applications/doxygen.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum.h
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/kernels.c
Examining data/nfft-3.4.0~rc2/applications/fastsum/kernels.h
Examining data/nfft-3.4.0~rc2/applications/fastsumS2/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/fastsumS2/fastsumS2.c
Examining data/nfft-3.4.0~rc2/applications/iterS2/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/iterS2/iterS2.c
Examining data/nfft-3.4.0~rc2/applications/mri/doxygen.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c
Examining data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c
Examining data/nfft-3.4.0~rc2/applications/polarFFT/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/quadratureS2/doxygen.h
Examining data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c
Examining data/nfft-3.4.0~rc2/examples/doxygen.c
Examining data/nfft-3.4.0~rc2/examples/fpt/simple_test.c
Examining data/nfft-3.4.0~rc2/examples/nfft/flags.c
Examining data/nfft-3.4.0~rc2/examples/nfft/ndft_fast.c
Examining data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c
Examining data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_createdataset.c
Examining data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_detail.c
Examining data/nfft-3.4.0~rc2/examples/nfft/nfft_times.c
Examining data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c
Examining data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c
Examining data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c
Examining data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c
Examining data/nfft-3.4.0~rc2/examples/nfsft/simple_test.c
Examining data/nfft-3.4.0~rc2/examples/nfsft/simple_test_threads.c
Examining data/nfft-3.4.0~rc2/examples/nfsoft/simple_test.c
Examining data/nfft-3.4.0~rc2/examples/nnfft/accuracy.c
Examining data/nfft-3.4.0~rc2/examples/nnfft/simple_test.c
Examining data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c
Examining data/nfft-3.4.0~rc2/examples/nsfft/simple_test.c
Examining data/nfft-3.4.0~rc2/examples/solver/doxygen.h
Examining data/nfft-3.4.0~rc2/include/api.h
Examining data/nfft-3.4.0~rc2/include/cycle.h
Examining data/nfft-3.4.0~rc2/include/infft.h
Examining data/nfft-3.4.0~rc2/include/nfft3.h
Examining data/nfft-3.4.0~rc2/include/nfft3mp.h
Examining data/nfft-3.4.0~rc2/include/solver_adjoint.h
Examining data/nfft-3.4.0~rc2/kernel/fpt/fpt.c
Examining data/nfft-3.4.0~rc2/kernel/fpt/fpt.h
Examining data/nfft-3.4.0~rc2/kernel/mri/mri.c
Examining data/nfft-3.4.0~rc2/kernel/nfct/nfct.c
Examining data/nfft-3.4.0~rc2/kernel/nfft/nfft.c
Examining data/nfft-3.4.0~rc2/kernel/nfsft/api.h
Examining data/nfft-3.4.0~rc2/kernel/nfsft/legendre.c
Examining data/nfft-3.4.0~rc2/kernel/nfsft/legendre.h
Examining data/nfft-3.4.0~rc2/kernel/nfsft/nfsft.c
Examining data/nfft-3.4.0~rc2/kernel/nfsoft/nfsoft.c
Examining data/nfft-3.4.0~rc2/kernel/nfsoft/wigner.c
Examining data/nfft-3.4.0~rc2/kernel/nfsoft/wigner.h
Examining data/nfft-3.4.0~rc2/kernel/nfst/nfst.c
Examining data/nfft-3.4.0~rc2/kernel/nnfft/nnfft.c
Examining data/nfft-3.4.0~rc2/kernel/nsfft/nsfft.c
Examining data/nfft-3.4.0~rc2/kernel/solver/solver.c
Examining data/nfft-3.4.0~rc2/kernel/util/assert.c
Examining data/nfft-3.4.0~rc2/kernel/util/bessel_i0.c
Examining data/nfft-3.4.0~rc2/kernel/util/bspline.c
Examining data/nfft-3.4.0~rc2/kernel/util/damp.c
Examining data/nfft-3.4.0~rc2/kernel/util/error.c
Examining data/nfft-3.4.0~rc2/kernel/util/float.c
Examining data/nfft-3.4.0~rc2/kernel/util/int.c
Examining data/nfft-3.4.0~rc2/kernel/util/lambda.c
Examining data/nfft-3.4.0~rc2/kernel/util/malloc.c
Examining data/nfft-3.4.0~rc2/kernel/util/print.c
Examining data/nfft-3.4.0~rc2/kernel/util/rand.c
Examining data/nfft-3.4.0~rc2/kernel/util/sinc.c
Examining data/nfft-3.4.0~rc2/kernel/util/sort.c
Examining data/nfft-3.4.0~rc2/kernel/util/thread.c
Examining data/nfft-3.4.0~rc2/kernel/util/time.c
Examining data/nfft-3.4.0~rc2/kernel/util/vector1.c
Examining data/nfft-3.4.0~rc2/kernel/util/vector2.c
Examining data/nfft-3.4.0~rc2/kernel/util/vector3.c
Examining data/nfft-3.4.0~rc2/kernel/util/version.c
Examining data/nfft-3.4.0~rc2/kernel/util/voronoi.c
Examining data/nfft-3.4.0~rc2/kernel/util/window.c
Examining data/nfft-3.4.0~rc2/matlab/args.c
Examining data/nfft-3.4.0~rc2/matlab/fastsum/fastsummex.c
Examining data/nfft-3.4.0~rc2/matlab/imex.h
Examining data/nfft-3.4.0~rc2/matlab/malloc.c
Examining data/nfft-3.4.0~rc2/matlab/nfct/nfctmex.c
Examining data/nfft-3.4.0~rc2/matlab/nfft/nfftmex.c
Examining data/nfft-3.4.0~rc2/matlab/nfsft/nfsftmex.c
Examining data/nfft-3.4.0~rc2/matlab/nfsoft/nfsoftmex.c
Examining data/nfft-3.4.0~rc2/matlab/nfst/nfstmex.c
Examining data/nfft-3.4.0~rc2/matlab/nnfft/nnfftmex.c
Examining data/nfft-3.4.0~rc2/tests/bessel.c
Examining data/nfft-3.4.0~rc2/tests/bessel.h
Examining data/nfft-3.4.0~rc2/tests/bspline.c
Examining data/nfft-3.4.0~rc2/tests/bspline.h
Examining data/nfft-3.4.0~rc2/tests/check.c
Examining data/nfft-3.4.0~rc2/tests/check_nfsft.c
Examining data/nfft-3.4.0~rc2/tests/nfct.c
Examining data/nfft-3.4.0~rc2/tests/nfct.h
Examining data/nfft-3.4.0~rc2/tests/nfft.c
Examining data/nfft-3.4.0~rc2/tests/nfft.h
Examining data/nfft-3.4.0~rc2/tests/nfst.c
Examining data/nfft-3.4.0~rc2/tests/nfst.h
Examining data/nfft-3.4.0~rc2/tests/reflect.c
Examining data/nfft-3.4.0~rc2/tests/reflect.h
Examining data/nfft-3.4.0~rc2/tests/util.c
Examining data/nfft-3.4.0~rc2/tests/util.h

FINAL RESULTS:

data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:103:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, "createdataset");
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:169:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, cmd);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:176:24: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, cmd);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:66:7: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(infile, __FR__, &v);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:73:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(infile, __FR__ " " __FR__, &re, &im);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:82:7: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(infile, __FR__, &v);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:145:7: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(fid1, __FR__, &my_fastsum_plan.x[k * d + t]);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:147:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(fid2, __FR__, &temp);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:149:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(fid2, __FR__, &temp);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:161:7: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(fid1, __FR__, &my_fastsum_plan.y[j * d + t]);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:173:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:187:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:196:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:243:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:257:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:266:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FI__ "sec\n", time);
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:110:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, "createdataset");
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:166:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, cmd);
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:173:24: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, cmd);
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:101:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, "createdataset");
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:158:22: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  check_result_value(system(cmd), 0, cmd);
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:318:11: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = snprintf(outstr+offset, maxlen-offset, param.nfsft_flags & NFSFT_USE_DPT ? " DPT" : "");
data/nfft-3.4.0~rc2/examples/nnfft/simple_test.c:312:3: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system("clear");
data/nfft-3.4.0~rc2/examples/nsfft/simple_test.c:62:3: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system("clear");
data/nfft-3.4.0~rc2/examples/nsfft/simple_test.c:70:3: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system("clear");
data/nfft-3.4.0~rc2/tests/check_nfsft.c:1345:5: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FE__ "\n", numerator/denominator);
data/nfft-3.4.0~rc2/tests/nfct.c:188:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FE__ "\n", r);
data/nfft-3.4.0~rc2/tests/nfct.c:421:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &((*x)[j]));
data/nfft-3.4.0~rc2/tests/nfct.c:429:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &re);
data/nfft-3.4.0~rc2/tests/nfct.c:438:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &re);
data/nfft-3.4.0~rc2/tests/nfft.c:189:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FE__ "\n", r);
data/nfft-3.4.0~rc2/tests/nfft.c:416:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(" nthreads = " __D__, X(get_num_threads)());
data/nfft-3.4.0~rc2/tests/nfft.c:426:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &((*x)[j]));
data/nfft-3.4.0~rc2/tests/nfft.c:434:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__ " " __FI__, &re, &im);
data/nfft-3.4.0~rc2/tests/nfft.c:443:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__ " " __FI__, &re, &im);
data/nfft-3.4.0~rc2/tests/nfft.c:489:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  printf(" nthreads = " __D__, X(get_num_threads)());
data/nfft-3.4.0~rc2/tests/nfft.c:577:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(" nthreads = " __D__, X(get_num_threads)());
data/nfft-3.4.0~rc2/tests/nfst.c:188:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(__FE__ "\n", r);
data/nfft-3.4.0~rc2/tests/nfst.c:427:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &((*x)[j]));
data/nfft-3.4.0~rc2/tests/nfst.c:435:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &re);
data/nfft-3.4.0~rc2/tests/nfst.c:444:5: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(file, __FI__, &re);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c:49:44: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[k * d + j] = K(2.0) * r_max * NFFT(drand48)() - r_max;
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c:70:44: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  y[k * d + j] = K(2.0) * r_max * NFFT(drand48)() - r_max;
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:173:60: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  my_fastsum_plan.x[k * d + j] = K(2.0) * r_max * NFFT(drand48)() - r_max;
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:199:37: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  my_fastsum_plan.alpha[k] = NFFT(drand48)() + II * NFFT(drand48)();
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:199:60: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  my_fastsum_plan.alpha[k] = NFFT(drand48)() + II * NFFT(drand48)();
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:210:60: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  my_fastsum_plan.y[k * d + j] = K(2.0) * r_max * NFFT(drand48)() - r_max;
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c:49:15: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[2*j]= X(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c:50:26: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[2*j+1]= K(0.5) * X(drand48)();
data/nfft-3.4.0~rc2/include/infft.h:1274:17: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  extern double drand48(void);
data/nfft-3.4.0~rc2/include/nfft3.h:842:5: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  R Y(drand48)(void); \
data/nfft-3.4.0~rc2/kernel/util/rand.c:21:5: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  R Y(drand48)(void)
data/nfft-3.4.0~rc2/kernel/util/rand.c:24:14: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  return (R)(drand48());
data/nfft-3.4.0~rc2/kernel/util/rand.c:35:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand((unsigned int)seed);
data/nfft-3.4.0~rc2/kernel/util/rand.c:44:14: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[k] = Y(drand48)() + II * Y(drand48)();
data/nfft-3.4.0~rc2/kernel/util/rand.c:44:34: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[k] = Y(drand48)() + II * Y(drand48)();
data/nfft-3.4.0~rc2/kernel/util/rand.c:52:14: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[k] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/kernel/util/rand.c:60:18: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x[k] = a + Y(drand48)() * (b - a);
data/nfft-3.4.0~rc2/tests/nfct.c:490:26: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*x)[j] = K(0.5) * Y(drand48)();
data/nfft-3.4.0~rc2/tests/nfct.c:497:21: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f_hat)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/tests/nfct.c:575:26: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*x)[j] = K(0.5) * Y(drand48)();
data/nfft-3.4.0~rc2/tests/nfct.c:582:17: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/tests/nfft.c:499:17: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*x)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/tests/nfft.c:506:22: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f_hat)[j] = (Y(drand48)() - K(0.5)) + (Y(drand48)() - K(0.5)) * I;
data/nfft-3.4.0~rc2/tests/nfft.c:506:48: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f_hat)[j] = (Y(drand48)() - K(0.5)) + (Y(drand48)() - K(0.5)) * I;
data/nfft-3.4.0~rc2/tests/nfft.c:588:17: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*x)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/tests/nfft.c:595:18: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f)[j] = (Y(drand48)() - K(0.5)) + (Y(drand48)() - K(0.5)) * I;
data/nfft-3.4.0~rc2/tests/nfft.c:595:44: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f)[j] = (Y(drand48)() - K(0.5)) + (Y(drand48)() - K(0.5)) * I;
data/nfft-3.4.0~rc2/tests/nfst.c:497:26: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  (*x)[j] = K(0.5) * Y(drand48)();
data/nfft-3.4.0~rc2/tests/nfst.c:504:21: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f_hat)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/tests/nfst.c:582:26: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*x)[j] = K(0.5) * Y(drand48)();
data/nfft-3.4.0~rc2/tests/nfst.c:589:17: [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  (*f)[j] = Y(drand48)() - K(0.5);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:97:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:108:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("fastsum_benchomp_test.result", "w");
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:150:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:177:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen("fastsum_benchomp_test.out", "r");
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:366:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[maxlen];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:409:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:474:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:538:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:539:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plottitle[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:606:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostname[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:607:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plottitle[1025];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:657:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title[256];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:739:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
file_out_tex = fopen("fastsum_benchomp_results_plots.tex", "w"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c:117:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(argv[1]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c:118:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). L = atoi(argv[2]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_createdataset.c:119:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[3]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:158:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nthreads = atoi(argv[8]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:166:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(argv[1]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:167:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi(argv[2]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp_detail.c:168:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p = atoi(argv[3]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:84:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(argv[1]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:85:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N = atoi(argv[2]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:87:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[3]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:88:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(argv[4]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:89:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi(argv[5]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:90:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p = atoi(argv[6]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:139:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fid1 = fopen("x.dat", "r"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:140:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fid2 = fopen("alpha.dat", "r"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:156:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fid1 = fopen("y.dat", "r"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:208:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fid1 = fopen("f.dat", "w+"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_matlab.c:209:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fid2 = fopen("f_direct.dat", "w+"); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:86:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(argv[1]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:87:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N = atoi(argv[2]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:89:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[3]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:90:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(argv[4]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:91:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi(argv[5]); data/nfft-3.4.0~rc2/applications/fastsum/fastsum_test.c:92:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
p = atoi(argv[6]); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c:50:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("knots.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c:58:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fi=fopen("input_f.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c:59:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fk=fopen(file,"w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c:91:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_2d.c:91:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:61:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:62:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:102:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:103:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("knots.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:114:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:123:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fi=fopen("input_f.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:135:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout=fopen(file,"w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:154:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_2d1d.c:154:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:61:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:62:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:101:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:102:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("knots.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:113:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:122:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fi=fopen("input_f.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:134:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout=fopen(file,"w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:153:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/construct_data_inh_3d.c:153:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:71:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:96:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:138:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:139:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:163:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:163:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:163:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_2d.c:163:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:58:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:60:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fweight=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:83:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:84:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:105:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:105:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_gridding.c:105:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:57:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:58:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:116:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fw=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:140:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:141:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:155:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:194:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:195:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:220:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:220:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:220:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_2d1d.c:220:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:57:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:58:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:110:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fw=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:134:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:135:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:149:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:188:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:189:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:214:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:214:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:214:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_3d.c:214:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:65:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:66:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finh=fopen("inh.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:121:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:146:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:147:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftime=fopen("readout_time.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:201:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:202:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:233:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:233:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:233:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri2d/reconstruct_data_inh_nnfft.c:233:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:47:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("knots.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:55:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp=fopen(file,"w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:106:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen("input_f.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:128:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:128:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:128:92: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:130:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_data(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:130:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_data(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:130:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_data(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:132:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fft(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:132:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
fft(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:132:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fft(atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:134:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:134:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_2d1d.c:134:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
construct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]), mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:53:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("knots.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:61:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp=fopen("input_f.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:62:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fk=fopen(file,"w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:101:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1], atoi(argv[2]),atoi(argv[3]),atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:101:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
construct(argv[1], atoi(argv[2]),atoi(argv[3]),atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/construct_data_3d.c:101:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). construct(argv[1], atoi(argv[2]),atoi(argv[3]),atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:72:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:97:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:158:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:159:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:185:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N=atoi(argv[2]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:186:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M=atoi(argv[3]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:187:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Z=atoi(argv[4]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:191:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:191:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:191:92: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:202:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],N,M,Z,atoi(argv[5]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_2d1d.c:202:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],N,M,Z,atoi(argv[5]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:75:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:103:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:106:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:107:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:167:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5]),atoi(argv[6])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:167:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5]),atoi(argv[6])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:167:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5]),atoi(argv[6])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:167:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5]),atoi(argv[6])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_3d.c:167:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[5]),atoi(argv[6])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:60:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin=fopen(filename,"r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:63:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fweight=fopen("weights.dat","r"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:106:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_real=fopen("output_real.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:107:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout_imag=fopen("output_imag.dat","w"); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:134:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N=atoi(argv[2]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:135:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
M=atoi(argv[3]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:136:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Z=atoi(argv[4]); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:140:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:140:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:140:92: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
mem = (fftw_complex*) nfft_malloc(sizeof(fftw_complex) * atoi(argv[2]) * atoi(argv[2]) * atoi(argv[4])); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:151:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:151:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:151:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/mri/mri3d/reconstruct_data_gridding.c:151:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
reconstruct(argv[1],atoi(argv[2]),atoi(argv[3]),atoi(argv[4]),atoi(argv[6]),mem); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:747:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:774:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:797:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:822:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:847:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:872:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:903:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/applications/quadratureS2/quadratureS2.c:922:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(f_compare,f_grid,m_total*sizeof(double _Complex)); data/nfft-3.4.0~rc2/examples/nfft/flags.c:281:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((test == 0) && (atoi(argv[1]) < 2)) data/nfft-3.4.0~rc2/examples/nfft/flags.c:292:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg2 = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:293:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg3 = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:294:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg4 = atoi(argv[4]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:297:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(argv[1]) == 0) data/nfft-3.4.0~rc2/examples/nfft/flags.c:299:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int d = atoi(argv[5]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:300:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int m = atoi(argv[6]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:312:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (atoi(argv[1]) == 1) /* accuracy vs. time */ data/nfft-3.4.0~rc2/examples/nfft/flags.c:314:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int d = atoi(argv[5]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:315:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int N = atoi(argv[6]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:326:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else if (atoi(argv[1]) == 2) /* accuracy vs. K for linear interpolation, assumes (m+1)|K */ data/nfft-3.4.0~rc2/examples/nfft/flags.c:328:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int d = atoi(argv[5]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:329:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int N = atoi(argv[6]); data/nfft-3.4.0~rc2/examples/nfft/flags.c:330:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int m = atoi(argv[7]); data/nfft-3.4.0~rc2/examples/nfft/ndft_fast.c:202:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg2 = (atoi(argv[2])); data/nfft-3.4.0~rc2/examples/nfft/ndft_fast.c:203:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg3 = (atoi(argv[3])); data/nfft-3.4.0~rc2/examples/nfft/ndft_fast.c:204:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg4 = (atoi(argv[4])); data/nfft-3.4.0~rc2/examples/nfft/ndft_fast.c:209:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(argv[1]) == 0) data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:97:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1025]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:115:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). FILE *f = fopen("nfft_benchomp_test.result", "w"); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:153:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1025]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:174:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("nfft_benchomp_test.out", "r"); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:341:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[1025]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:342:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plottitle[1025]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:379:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[256]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:409:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[1025]; data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:688:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_out_tex = fopen("nfft_benchomp_results_plots.tex", "w"); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_createdataset.c:107:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(argv[1]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_createdataset.c:118:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trafo_adjoint = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_createdataset.c:125:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N[t] = atoi(argv[3+t]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_createdataset.c:131:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[3+d]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_detail.c:137:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nthreads = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_detail.c:145:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi(argv[1]); data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp_detail.c:146:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). psi_flag = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:307:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(argv[1]) == 0) data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:310:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg2 = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:311:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg3 = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:312:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg4 = atoi(argv[4]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:327:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(argv[1]) == 1) data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:329:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg2 = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:330:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg3 = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:331:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int arg4 = atoi(argv[4]); data/nfft-3.4.0~rc2/examples/nfft/taylor_nfft.c:332:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int N = atoi(argv[7]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:97:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1025]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:106:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen("nfsft_benchomp_test.result", "w"); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:144:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1025]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:160:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("nfsft_benchomp_test.out", "r"); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:328:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[1025]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:329:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plottitle[1025]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[256]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:401:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hostname[1025]; data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:521:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_out_tex = fopen("nfsft_benchomp_results_plots.tex", "w"); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c:101:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). trafo_adjoint = atoi(argv[1]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c:105:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). N = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_createdataset.c:106:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c:193:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nthreads = atoi(argv[5]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c:201:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi(argv[1]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c:202:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nfsft_flags = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c:203:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). psi_flags = atoi(argv[3]); data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp_detail.c:204:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nrepeat = atoi(argv[4]); data/nfft-3.4.0~rc2/examples/nfsoft/simple_test.c:193:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
N = atoi(argv[1]); data/nfft-3.4.0~rc2/examples/nfsoft/simple_test.c:194:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c:181:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d=atoi(argv[2]); data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c:184:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(argv[1])==1) data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c:192:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(argv[1])==2) data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c:196:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
for(J=atoi(argv[3]); J<=atoi(argv[4]); J++) data/nfft-3.4.0~rc2/examples/nsfft/nsfft_test.c:196:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for(J=atoi(argv[3]); J<=atoi(argv[4]); J++) data/nfft-3.4.0~rc2/include/cycle.h:496:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open ("/dev/mem", O_RDONLY | O_SYNC, 0); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:275:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b,set->z,length*sizeof(double _Complex)); \ data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:331:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b,set->z,length*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:381:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b,set->z,length*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:410:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a,set->z,length*sizeof(double _Complex)); \ data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:439:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(a,set->z,length*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:462:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a,set->z,length*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1162:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data->_alpha,alpha,(set->N+1)*sizeof(double)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1163:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data->_beta,beta,(set->N+1)*sizeof(double)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1164:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data->_gamma,gam,(set->N+1)*sizeof(double)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1200:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&set->result[data->k_start],x,(k_end-data->k_start+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1211:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&set->temp[data->k_start],x,(k_end-data->k_start+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1226:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(y,set->result,(k_end+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1343:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(set->vec3,&(set->work[(plength/2)*(4*l+2)]),(plength/2)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1344:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->vec4,&(set->work[(plength/2)*(4*l+3)]),(plength/2)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1349:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(set->work[(plength/2)*(4*l+2)]),&(set->work[(plength/2)*(4*l+1)]),(plength/2)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1542:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x,&set->result[data->k_start],(k_end-data->k_start+1)* data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1547:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->result,y,(k_end+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1562:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x,&set->temp[data->k_start],(k_end-data->k_start+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1645:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->result,y,(k_end+1)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1671:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(set->result,set->work,2*Nk*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1686:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->vec3,&(set->work[(plength/2)*(4*l+0)]),plength*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1687:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->vec4,&(set->work[(plength/2)*(4*l+2)]),plength*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1689:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&set->work[(plength/2)*(4*l+1)],&(set->work[(plength/2)*(4*l+2)]), data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1710:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(set->vec3[plength/2]), set->vec4,(plength/2)*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1723:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->vec3,set->result,plength_stab*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1724:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(set->vec4,&(set->result[Nk]),plength_stab*sizeof(double _Complex)); data/nfft-3.4.0~rc2/kernel/fpt/fpt.c:1751:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy(&(set->vec3[plength/2]),set->vec4,(plength/2)*sizeof(double _Complex));
data/nfft-3.4.0~rc2/kernel/nfsft/nfsft.c:644:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(plan->f_hat_intern,plan->f_hat,plan->N_total*
data/nfft-3.4.0~rc2/kernel/nfsft/nfsft.c:969:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(plan->f_hat_intern,plan->f_hat,plan->N_total*
data/nfft-3.4.0~rc2/kernel/nsfft/nsfft.c:611:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ths_full_plan->x,ths->act_nfft_plan->x,ths->M_total*ths->d*sizeof(double));
data/nfft-3.4.0~rc2/kernel/util/sort.c:164:20: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (to == keys0) memcpy(to, from, (size_t)(n) * 2 * sizeof(INT));
data/nfft-3.4.0~rc2/kernel/util/sort.c:238:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(keys0, keys1, (size_t)(n) * 2 * sizeof(INT));
data/nfft-3.4.0~rc2/matlab/fastsum/fastsummex.c:114:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[CMD_LEN_MAX+1]; /**< name of kernel */
data/nfft-3.4.0~rc2/matlab/fastsum/fastsummex.c:189:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nfct/nfctmex.c:43:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nfft/nfftmex.c:43:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nfsft/nfsftmex.c:45:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nfsoft/nfsoftmex.c:44:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nfst/nfstmex.c:43:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/matlab/nnfft/nnfftmex.c:43:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cmd[CMD_LEN_MAX];
data/nfft-3.4.0~rc2/tests/nfct.c:382:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[200];
data/nfft-3.4.0~rc2/tests/nfct.c:384:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(ego->filename, "r");
data/nfft-3.4.0~rc2/tests/nfft.c:383:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[200];
data/nfft-3.4.0~rc2/tests/nfft.c:385:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(ego->filename, "r");
data/nfft-3.4.0~rc2/tests/nfft.c:1397:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename, "a");
data/nfft-3.4.0~rc2/tests/nfst.c:388:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[200];
data/nfft-3.4.0~rc2/tests/nfst.c:390:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(ego->filename, "r");
data/nfft-3.4.0~rc2/tests/reflect.c:32:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char v1[20], v2[20];
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:414:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:479:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:544:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/applications/fastsum/fastsum_benchomp.c:614:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:330:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((mask & MASK_FLAGS_BW) && strlen(get_adjoint_omp_string(param.flags)) > 0)
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:348:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/examples/nfft/nfft_benchomp.c:414:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:309:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((mask & MASK_FLAGS_BW) && strlen(get_adjoint_omp_string(param.psi_flags)) > 0)
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:335:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/examples/nfsft/nfsft_benchomp.c:406:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(hostname, "unnamed", 1024);
data/nfft-3.4.0~rc2/examples/nsfft/simple_test.c:68:3: [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getc(stdin);
data/nfft-3.4.0~rc2/tests/nfct.c:387:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(filename, &c[1], 200);
data/nfft-3.4.0~rc2/tests/nfft.c:388:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(filename, &c[1], 200);
data/nfft-3.4.0~rc2/tests/nfst.c:393:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(filename, &c[1], 200);

ANALYSIS SUMMARY:

Hits = 376
Lines analyzed = 59282 in approximately 2.05 seconds (28893 lines/second)
Physical Source Lines of Code (SLOC) = 43041
Hits@level = [0] 923 [1] 14 [2] 290 [3] 31 [4] 41 [5] 0
Hits@level+ = [0+] 1299 [1+] 376 [2+] 362 [3+] 72 [4+] 41 [5+] 0
Hits/KSLOC@level+ = [0+] 30.1805 [1+] 8.73586 [2+] 8.41059 [3+] 1.67282 [4+] 0.95258 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.