Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/plink-1.07+dfsg/genome.cpp
Examining data/plink-1.07+dfsg/genedrop.cpp
Examining data/plink-1.07+dfsg/annot.cpp
Examining data/plink-1.07+dfsg/options.cpp
Examining data/plink-1.07+dfsg/assoc.cpp
Examining data/plink-1.07+dfsg/lookup2.cpp
Examining data/plink-1.07+dfsg/idhelp.h
Examining data/plink-1.07+dfsg/clumpld.cpp
Examining data/plink-1.07+dfsg/whap.h
Examining data/plink-1.07+dfsg/stats.h
Examining data/plink-1.07+dfsg/lookup.cpp
Examining data/plink-1.07+dfsg/metaanal.cpp
Examining data/plink-1.07+dfsg/epi.cpp
Examining data/plink-1.07+dfsg/setscreen.cpp
Examining data/plink-1.07+dfsg/mishap.cpp
Examining data/plink-1.07+dfsg/sets.h
Examining data/plink-1.07+dfsg/haplohelper.cpp
Examining data/plink-1.07+dfsg/cluster.cpp
Examining data/plink-1.07+dfsg/genepi.cpp
Examining data/plink-1.07+dfsg/blox.cpp
Examining data/plink-1.07+dfsg/genogroup.h
Examining data/plink-1.07+dfsg/segment.cpp
Examining data/plink-1.07+dfsg/crandom.cpp
Examining data/plink-1.07+dfsg/plink.h
Examining data/plink-1.07+dfsg/step.cpp
Examining data/plink-1.07+dfsg/pdriver.cpp
Examining data/plink-1.07+dfsg/impute.cpp
Examining data/plink-1.07+dfsg/tdt.cpp
Examining data/plink-1.07+dfsg/webcheck.cpp
Examining data/plink-1.07+dfsg/zed.cpp
Examining data/plink-1.07+dfsg/phase.h
Examining data/plink-1.07+dfsg/sisocks.h
Examining data/plink-1.07+dfsg/profile.cpp
Examining data/plink-1.07+dfsg/linput.cpp
Examining data/plink-1.07+dfsg/tinput.cpp
Examining data/plink-1.07+dfsg/whap.cpp
Examining data/plink-1.07+dfsg/Rconnection.h
Examining data/plink-1.07+dfsg/fisher.cpp
Examining data/plink-1.07+dfsg/nlist.cpp
Examining data/plink-1.07+dfsg/poo.cpp
Examining data/plink-1.07+dfsg/glm.cpp
Examining data/plink-1.07+dfsg/qualscores.cpp
Examining data/plink-1.07+dfsg/Rconnection.cpp
Examining data/plink-1.07+dfsg/gvar.h
Examining data/plink-1.07+dfsg/cnv.cpp
Examining data/plink-1.07+dfsg/stats.cpp
Examining data/plink-1.07+dfsg/haploCC.cpp
Examining data/plink-1.07+dfsg/homozyg.cpp
Examining data/plink-1.07+dfsg/zfstream.h
Examining data/plink-1.07+dfsg/sockets.h
Examining data/plink-1.07+dfsg/metaem.cpp
Examining data/plink-1.07+dfsg/multiple.cpp
Examining data/plink-1.07+dfsg/sharing.cpp
Examining data/plink-1.07+dfsg/haploTDT.cpp
Examining data/plink-1.07+dfsg/r.cpp
Examining data/plink-1.07+dfsg/cfamily.cpp
Examining data/plink-1.07+dfsg/merge.cpp
Examining data/plink-1.07+dfsg/options.h
Examining data/plink-1.07+dfsg/hapglm.cpp
Examining data/plink-1.07+dfsg/helper.h
Examining data/plink-1.07+dfsg/perm.cpp
Examining data/plink-1.07+dfsg/cfamily.h
Examining data/plink-1.07+dfsg/dcdflib.h
Examining data/plink-1.07+dfsg/mds.cpp
Examining data/plink-1.07+dfsg/locus.cpp
Examining data/plink-1.07+dfsg/haplowindow.cpp
Examining data/plink-1.07+dfsg/fisher.h
Examining data/plink-1.07+dfsg/zfstream.cpp
Examining data/plink-1.07+dfsg/clumpld.h
Examining data/plink-1.07+dfsg/bmerge.cpp
Examining data/plink-1.07+dfsg/nonfounderphasing.cpp
Examining data/plink-1.07+dfsg/input.cpp
Examining data/plink-1.07+dfsg/ipmpar.h
Examining data/plink-1.07+dfsg/lapackf.cpp
Examining data/plink-1.07+dfsg/simul.cpp
Examining data/plink-1.07+dfsg/prephap.cpp
Examining data/plink-1.07+dfsg/perm.h
Examining data/plink-1.07+dfsg/informative.cpp
Examining data/plink-1.07+dfsg/linear.h
Examining data/plink-1.07+dfsg/cnvqt.cpp
Examining data/plink-1.07+dfsg/plink.cpp
Examining data/plink-1.07+dfsg/dfam.cpp
Examining data/plink-1.07+dfsg/filters.cpp
Examining data/plink-1.07+dfsg/output.cpp
Examining data/plink-1.07+dfsg/legacy.cpp
Examining data/plink-1.07+dfsg/config.h
Examining data/plink-1.07+dfsg/cdflib.h
Examining data/plink-1.07+dfsg/linear.cpp
Examining data/plink-1.07+dfsg/haploQTL.cpp
Examining data/plink-1.07+dfsg/hotel.cpp
Examining data/plink-1.07+dfsg/lapackf.h
Examining data/plink-1.07+dfsg/model.h
Examining data/plink-1.07+dfsg/qfam.cpp
Examining data/plink-1.07+dfsg/phase.cpp
Examining data/plink-1.07+dfsg/nlist.h
Examining data/plink-1.07+dfsg/flip.cpp
Examining data/plink-1.07+dfsg/tag.cpp
Examining data/plink-1.07+dfsg/zed.h
Examining data/plink-1.07+dfsg/proxy.cpp
Examining data/plink-1.07+dfsg/haplowindow.h
Examining data/plink-1.07+dfsg/sockets.cpp
Examining data/plink-1.07+dfsg/genoerr.cpp
Examining data/plink-1.07+dfsg/genogroup.cpp
Examining data/plink-1.07+dfsg/dcdflib.cpp
Examining data/plink-1.07+dfsg/helper.cpp
Examining data/plink-1.07+dfsg/logistic.h
Examining data/plink-1.07+dfsg/gxe.cpp
Examining data/plink-1.07+dfsg/mh.cpp
Examining data/plink-1.07+dfsg/em.cpp
Examining data/plink-1.07+dfsg/trio.cpp
Examining data/plink-1.07+dfsg/parse.cpp
Examining data/plink-1.07+dfsg/cnv.h
Examining data/plink-1.07+dfsg/multi.cpp
Examining data/plink-1.07+dfsg/greport.cpp
Examining data/plink-1.07+dfsg/logistic.cpp
Examining data/plink-1.07+dfsg/crandom.h
Examining data/plink-1.07+dfsg/Rsrv.h
Examining data/plink-1.07+dfsg/elf.cpp
Examining data/plink-1.07+dfsg/idhelp.cpp
Examining data/plink-1.07+dfsg/dosage.cpp
Examining data/plink-1.07+dfsg/gvar.cpp
Examining data/plink-1.07+dfsg/model.cpp
Examining data/plink-1.07+dfsg/binput.cpp
Examining data/plink-1.07+dfsg/sets.cpp

FINAL RESULTS:

data/plink-1.07+dfsg/Rconnection.cpp:116:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(data+4,txt);
data/plink-1.07+dfsg/Rconnection.cpp:558:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(this->host, host);
data/plink-1.07+dfsg/Rconnection.cpp:586:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sau.sun_path,host); // FIXME: possible overflow!
data/plink-1.07+dfsg/Rconnection.cpp:701:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cm->data+4, symbol);
data/plink-1.07+dfsg/Rconnection.cpp:831:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(authbuf, user); c=authbuf+strlen(user);
data/plink-1.07+dfsg/Rconnection.cpp:833:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c,pwd);
data/plink-1.07+dfsg/Rconnection.cpp:836:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c,crypt(pwd,salt));
data/plink-1.07+dfsg/Rconnection.cpp:836:14: [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only accept passwords of 8 characters or fewer and only a two-byte salt, they are excessively vulnerable to dictionary attacks given today's faster computing equipment (CWE-327). Use a different algorithm, such as SHA-256, with a larger, non-repeating salt.
  strcpy(c,crypt(pwd,salt));
data/plink-1.07+dfsg/sisocks.h:73:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int snprintf(char *buf, int len, char *fmt, ...)
data/plink-1.07+dfsg/sisocks.h:79:10: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  cnt = vsprintf(buf, fmt, argptr);
data/plink-1.07+dfsg/sisocks.h:85:12: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  extern int snprintf(char *buf, int len, char *fmt, ...);
data/plink-1.07+dfsg/crandom.cpp:40:15: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  void CRandom::srand ( long unsigned i )
data/plink-1.07+dfsg/crandom.h:42:17: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  static void srand(long unsigned iseed = 0);
data/plink-1.07+dfsg/plink.cpp:119:14: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  CRandom::srand(time(0));
data/plink-1.07+dfsg/plink.cpp:121:14: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  CRandom::srand( par::random_seed );
data/plink-1.07+dfsg/zfstream.cpp:402:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/zfstream.cpp:413:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/zfstream.cpp:423:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/zfstream.cpp:457:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/zfstream.cpp:468:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/zfstream.cpp:478:11: [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  this->setstate(std::ios_base::failbit);
data/plink-1.07+dfsg/Rconnection.cpp:126:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, (raw_data)?buf:((char*)buf+4), dlen);
data/plink-1.07+dfsg/Rconnection.cpp:160:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sb[256];
data/plink-1.07+dfsg/Rconnection.cpp:264:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(this->data, data, len);
data/plink-1.07+dfsg/Rconnection.cpp:334:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf+hl, data, len);
data/plink-1.07+dfsg/Rconnection.cpp:577:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char IDstring[33];
data/plink-1.07+dfsg/Rconnection.cpp:780:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (msg->len > 0) memcpy(buf, msg->data, msg->len);
data/plink-1.07+dfsg/Rconnection.h:369:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char salt[2];
data/plink-1.07+dfsg/Rsrv.h:342:37: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned int itop(unsigned int i) { char b[4]; b[0]=((char*)&i)[3]; b[3]=((char*)&i)[0]; b[1]=((char*)&i)[2]; b[2]=((char*)&i)[1]; return *((unsigned int*)b); }
data/plink-1.07+dfsg/Rsrv.h:343:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  double dtop(double i) { char b[8]; b[0]=((char*)&i)[7]; b[1]=((char*)&i)[6]; b[2]=((char*)&i)[5]; b[3]=((char*)&i)[4]; b[7]=((char*)&i)[0]; b[6]=((char*)&i)[1]; b[5]=((char*)&i)[2]; b[4]=((char*)&i)[3]; return *((double*)b); }
data/plink-1.07+dfsg/assoc.cpp:199:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  haplo->HTEST.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/assoc.cpp:258:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  haplo->HTEST.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/assoc.cpp:651:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:770:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:845:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:1227:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:1741:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:1758:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  QT_MEANS.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:2142:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MIS.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/assoc.cpp:2297:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  LD.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/binput.cpp:286:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/binput.cpp:342:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/binput.cpp:375:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/binput.cpp:417:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BIT.open(s.c_str(), ios::in | ios::binary);
data/plink-1.07+dfsg/binput.cpp:423:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/binput.cpp:466:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BIT.open(s.c_str(), ios::in | ios::binary);
data/plink-1.07+dfsg/binput.cpp:482:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BIT.open(s.c_str(), ios::in | ios::binary);
data/plink-1.07+dfsg/bmerge.cpp:320:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MSNP.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/bmerge.cpp:467:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MERD.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/bmerge.cpp:489:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FAM.open(par::merge_famfile.c_str());
data/plink-1.07+dfsg/bmerge.cpp:722:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/clumpld.cpp:104:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/clumpld.cpp:160:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/clumpld.cpp:266:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLMP.open( (par::output_file_name + ".clumped").c_str() , ios::out);
data/plink-1.07+dfsg/clumpld.cpp:278:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLMP2.open( (par::output_file_name + ".clumped.ranges").c_str() , ios::out);
data/plink-1.07+dfsg/clumpld.cpp:292:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BEST.open( (par::output_file_name + ".clumped.best").c_str() , ios::out);
data/plink-1.07+dfsg/cluster.cpp:1104:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLST.open((par::output_file_name+".cluster1").c_str(),ios::out);
data/plink-1.07+dfsg/cluster.cpp:1129:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLST.open((par::output_file_name+".cluster2").c_str(),ios::out);
data/plink-1.07+dfsg/cluster.cpp:1153:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLST.open((par::output_file_name+".cluster3").c_str(),ios::out);
data/plink-1.07+dfsg/cluster.cpp:1159:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CLST.open((par::output_file_name+".cluster3.missing").c_str(),ios::out);
data/plink-1.07+dfsg/cluster.cpp:1595:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  INC.open(par::ibd_file.c_str());
data/plink-1.07+dfsg/cluster.cpp:1720:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  GOUT0.open( (par::output_file_name + ".plst").c_str(), ios::out);
data/plink-1.07+dfsg/cluster.cpp:1724:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  GOUT1.open( (par::output_file_name + ".clst").c_str(), ios::out);
data/plink-1.07+dfsg/cluster.cpp:1748:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  GOUT.open( (par::output_file_name + ".genome").c_str(), ios::out);
data/plink-1.07+dfsg/cnv.cpp:210:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/cnv.cpp:293:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  O2.open( (par::output_file_name+".notfound").c_str() , ios::out);
data/plink-1.07+dfsg/cnv.cpp:379:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  IN.open( par::cnv_listname.c_str() , ios::in );
data/plink-1.07+dfsg/cnv.cpp:662:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ROUT.open( ( par::output_file_name+".reg").c_str(), ios::out );
data/plink-1.07+dfsg/cnv.cpp:1326:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MOUT.open( ( par::output_file_name + ".cnv").c_str() , ios::out );
data/plink-1.07+dfsg/cnv.cpp:1374:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MOUT.open( ( par::output_file_name + ".fam").c_str() , ios::out );
data/plink-1.07+dfsg/cnv.cpp:1412:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MOUT.open( ( par::output_file_name + ".cnv.map").c_str() , ios::out );
data/plink-1.07+dfsg/cnv.cpp:1956:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIBS.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/cnv.cpp:2296:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  OUTF.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/cnv.cpp:2358:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FOUT.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/cnvqt.cpp:146:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FOUT.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/cnvqt.cpp:206:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FOUT.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/dcdflib.cpp:1443:9: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define atol (1.0e-50)
data/plink-1.07+dfsg/dcdflib.cpp:1600:14: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  T4 = atol;
data/plink-1.07+dfsg/dcdflib.cpp:1648:15: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  T10 = atol;
data/plink-1.07+dfsg/dcdflib.cpp:1684:15: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  T14 = atol;
data/plink-1.07+dfsg/dcdflib.cpp:1715:8: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #undef atol
data/plink-1.07+dfsg/dcdflib.cpp:1808:9: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define atol (1.0e-50)
data/plink-1.07+dfsg/dcdflib.cpp:1972:14: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  T5 = atol;
data/plink-1.07+dfsg/dcdflib.cpp:2008:14: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
T9 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2041:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T12 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2083:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:2169:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:2294:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T6 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2334:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T10 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2369:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:2465:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:2553:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T5 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2584:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T9 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2614:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T12 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2641:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
#undef atol data/plink-1.07+dfsg/dcdflib.cpp:2734:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:2855:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T6 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2891:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T10 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2927:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T14 = atol; data/plink-1.07+dfsg/dcdflib.cpp:2958:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:3064:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:3162:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T5 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3193:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T9 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3224:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T13 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3254:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T16 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3281:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
#undef atol data/plink-1.07+dfsg/dcdflib.cpp:3380:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:3530:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T7 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3580:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:3682:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:3840:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T6 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3875:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T9 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3908:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T12 = atol; data/plink-1.07+dfsg/dcdflib.cpp:3951:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:4236:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:4346:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T6 = atol; data/plink-1.07+dfsg/dcdflib.cpp:4381:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
T9 = atol; data/plink-1.07+dfsg/dcdflib.cpp:4412:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #undef atol data/plink-1.07+dfsg/dcdflib.cpp:4491:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol (1.0e-50) data/plink-1.07+dfsg/dcdflib.cpp:4594:14: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T6 = atol; data/plink-1.07+dfsg/dcdflib.cpp:4630:15: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). T10 = atol; data/plink-1.07+dfsg/dcdflib.cpp:4661:8: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
#undef atol data/plink-1.07+dfsg/dfam.cpp:47:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TDT.open(f.c_str(),ios::out); data/plink-1.07+dfsg/dosage.cpp:176:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip0 = atoi( dosage_opt->getValue("skip0").c_str() ); data/plink-1.07+dfsg/dosage.cpp:178:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip1 = atoi( dosage_opt->getValue("skip1").c_str() ); data/plink-1.07+dfsg/dosage.cpp:180:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). skip2 = atoi( dosage_opt->getValue("skip2").c_str() ); data/plink-1.07+dfsg/dosage.cpp:389:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
detout.open( par::output_file_name + ".dosage.det" , false ); data/plink-1.07+dfsg/dosage.cpp:1364:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). Q1.open( par::score_qrange_file.c_str() , ios::in ); data/plink-1.07+dfsg/elf.cpp:590:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ASC.open(f.c_str(),ios::out); data/plink-1.07+dfsg/elf.cpp:664:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). OUT.open(f.c_str(),ios::out); data/plink-1.07+dfsg/elf.cpp:834:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SDET_SNP.open( ( par::output_file_name+".elf.det." data/plink-1.07+dfsg/elf.cpp:836:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SDET_IND.open( ( par::output_file_name+".elf.det." 
data/plink-1.07+dfsg/elf.cpp:883:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). IN.open( par::rare_test_score_results_file.c_str() ); data/plink-1.07+dfsg/elf.cpp:974:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SUM.open( ( par::output_file_name + ".elf.summary").c_str() , ios::out ); data/plink-1.07+dfsg/elf.cpp:1088:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ELF.open(f.c_str(),ios::out); data/plink-1.07+dfsg/epi.cpp:68:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). EPI.open(f.c_str(),ios::out); data/plink-1.07+dfsg/epi.cpp:683:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). EPI.open(f.c_str(),ios::out); data/plink-1.07+dfsg/filters.cpp:197:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
REM.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:244:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FRQ.open(par::af_file.c_str()); data/plink-1.07+dfsg/filters.cpp:590:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). REM.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:610:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). NOF.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:642:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FRQ.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:714:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). HWD.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:1051:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
MIS.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/filters.cpp:1123:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). MIS.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/flip.cpp:201:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). OUT1.open(f.c_str(),ios::out); data/plink-1.07+dfsg/flip.cpp:223:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). OUT1V.open(f.c_str(),ios::out); data/plink-1.07+dfsg/genepi.cpp:328:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SET1.open(f.c_str(),ios::out); data/plink-1.07+dfsg/genepi.cpp:332:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SET2.open(f.c_str(),ios::out); data/plink-1.07+dfsg/genepi.cpp:402:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
EPI.open(f.c_str(), ios::out); data/plink-1.07+dfsg/genepi.cpp:448:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). EPI.open(f.c_str(), ios::out); data/plink-1.07+dfsg/genepi.cpp:981:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). EPI.open(f.c_str(), ios::out); data/plink-1.07+dfsg/genome.cpp:54:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FRQ.open(f.c_str(), ifstream::out); data/plink-1.07+dfsg/genome.cpp:337:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). HET.open(f.c_str(),ios::out); data/plink-1.07+dfsg/genome.cpp:363:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FST.open(f.c_str(),ios::out); data/plink-1.07+dfsg/genome.cpp:1016:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ZOUTFILE.open( f , par::compress_genome ); data/plink-1.07+dfsg/glm.cpp:99:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ASC.open(f.c_str(),ios::out); data/plink-1.07+dfsg/greport.cpp:38:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). GREP.open( (par::output_file_name + ".range.report").c_str() , ios::out); data/plink-1.07+dfsg/greport.cpp:56:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). RESIN.open( par::greport_results.c_str() , ios::in ); data/plink-1.07+dfsg/greport.cpp:60:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cline[par::MAX_LINE_LENGTH]; data/plink-1.07+dfsg/greport.cpp:134:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cline[par::MAX_LINE_LENGTH]; data/plink-1.07+dfsg/gvar.cpp:592:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). GOUT.open( ( par::output_file_name data/plink-1.07+dfsg/gvar.cpp:604:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). GVERB.open((par::output_file_name+".assoc.gvar").c_str(),ios::out); data/plink-1.07+dfsg/gxe.cpp:106:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ASC.open(f.c_str(),ios::out); data/plink-1.07+dfsg/haplohelper.cpp:154:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). HFRQ.open(f.c_str(), ios::out); data/plink-1.07+dfsg/haplohelper.cpp:1158:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). HFRQ.open(f.c_str(), ios::out); data/plink-1.07+dfsg/helper.cpp:324:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). y.push_back( atoi( v[i].c_str() ) ); data/plink-1.07+dfsg/helper.cpp:1157:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inp.open(f.c_str(), ifstream::in); data/plink-1.07+dfsg/helper.cpp:1182:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inp.open(f.c_str(), ifstream::in); data/plink-1.07+dfsg/helper.cpp:1206:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cline[par::MAX_LINE_LENGTH]; data/plink-1.07+dfsg/helper.cpp:1229:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cline[par::MAX_LINE_LENGTH]; data/plink-1.07+dfsg/helper.cpp:3042:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cline[par::MAX_LINE_LENGTH]; data/plink-1.07+dfsg/helper.cpp:3534:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). PPHE.open( ( par::output_file_name + ".pphe").c_str() , ios::out ); data/plink-1.07+dfsg/helper.cpp:3709:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). O2.open( (par::output_file_name+".notfound").c_str() , ios::out); data/plink-1.07+dfsg/homozyg.cpp:270:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). HOM.open(f.c_str(),ios::out); data/plink-1.07+dfsg/homozyg.cpp:338:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). SEG.open(par::read_segment_filename.c_str(),ios::in); data/plink-1.07+dfsg/homozyg.cpp:973:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
HOM.open(f.c_str(),ios::out); data/plink-1.07+dfsg/homozyg.cpp:2483:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). OUT.open( (par::output_file_name+".cnv.grp.summary").c_str(), ios::out); data/plink-1.07+dfsg/homozyg.cpp:2880:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). PHOM.open( f.c_str() , ios::out ); data/plink-1.07+dfsg/hotel.cpp:159:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ASC.open(f.c_str(),ios::out); data/plink-1.07+dfsg/hotel.cpp:207:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ASC.open(f.c_str(),ios::out); data/plink-1.07+dfsg/idhelp.cpp:1935:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
  I1.open( (par::idhelp_match_string[s]).c_str() , ios::in );
data/plink-1.07+dfsg/informative.cpp:48:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  INC.open(par::ibd_file.c_str(), ios::in);
data/plink-1.07+dfsg/input.cpp:594:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  AMB.open(f.c_str(), ifstream::out);
data/plink-1.07+dfsg/input.cpp:706:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SET.open(par::setfile.c_str());
data/plink-1.07+dfsg/input.cpp:803:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/input.cpp:910:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/input.cpp:946:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/input.cpp:1242:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/input.cpp:1353:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[par::MAX_LINE_LENGTH];
data/plink-1.07+dfsg/input.cpp:1991:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MAP.open( filename.c_str());
data/plink-1.07+dfsg/input.cpp:2001:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[256];
data/plink-1.07+dfsg/input.cpp:2046:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = (long int)atoi(tokens[2].c_str());
data/plink-1.07+dfsg/input.cpp:2051:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = (long int)atoi(tokens[3].c_str());
data/plink-1.07+dfsg/input.cpp:2281:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PED.open(filename.c_str());
data/plink-1.07+dfsg/input.cpp:2452:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  AMB.open(f.c_str(), ifstream::out);
data/plink-1.07+dfsg/input.cpp:2583:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MAPIN.open( par::update_mapfile.c_str(), ios::in );
data/plink-1.07+dfsg/input.cpp:2701:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MAPIN.open( par::update_allele_file.c_str(), ios::in );
data/plink-1.07+dfsg/input.cpp:2807:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FAM_ID.open( par::update_ids_file.c_str(), ios::in );
data/plink-1.07+dfsg/input.cpp:2844:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FAM_SEX.open( par::update_sex_file.c_str(), ios::in );
data/plink-1.07+dfsg/input.cpp:2887:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FAM_PAR.open( par::update_parents_file.c_str(), ios::in );
data/plink-1.07+dfsg/input.cpp:2923:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FAM_PHE.open( par::update_pheno_file.c_str(), ios::in );
data/plink-1.07+dfsg/legacy.cpp:571:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PLO.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/lookup.cpp:200:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  OUT.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/lookup.cpp:271:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  OUT.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/merge.cpp:57:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[5000] = "";
data/plink-1.07+dfsg/merge.cpp:188:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cline[256] = "";
data/plink-1.07+dfsg/merge.cpp:214:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = (long int)atoi(tokens[2].c_str());
data/plink-1.07+dfsg/merge.cpp:219:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = (long int)atoi(tokens[3].c_str());
data/plink-1.07+dfsg/merge.cpp:452:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MERD.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/merge.cpp:469:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PED = fopen(par::merge_pedfile.c_str(),"r");
data/plink-1.07+dfsg/merge.cpp:764:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MSNP.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/mh.cpp:72:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MHOUT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/mh.cpp:232:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MHOUT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/mh.cpp:858:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MHOUT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/mishap.cpp:41:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  haplo->HTEST.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/multiple.cpp:223:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/output.cpp:80:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PLO.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/output.cpp:1626:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  AMAP.open(f.c_str(), ios::in);
data/plink-1.07+dfsg/output.cpp:1997:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BIT.open((par::output_file_name+".bim").c_str(), ios::out);
data/plink-1.07+dfsg/output.cpp:2029:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  BIT.open((par::output_file_name+".bed").c_str(), ios::out | ios::binary);
data/plink-1.07+dfsg/output.cpp:2037:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/output.cpp:2101:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/output.cpp:2149:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ch[1];
data/plink-1.07+dfsg/pdriver.cpp:63:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  haplo->HTEST.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/pdriver.cpp:68:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  OUTFILE.open(f2.c_str(),ios::out);
data/plink-1.07+dfsg/pdriver.cpp:163:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PLIST.open(par::proxy_all_list_file.c_str(), ios::in);
data/plink-1.07+dfsg/perm.cpp:49:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PDUMP.open((par::output_file_name+".mperm.dump.all").c_str(),ios::out);
data/plink-1.07+dfsg/perm.cpp:53:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PDUMP.open((par::output_file_name+".mperm.dump.best").c_str(),ios::out);
data/plink-1.07+dfsg/phase.cpp:155:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  VPHASE.open("phased.verbose",ios::out);
data/plink-1.07+dfsg/plink.cpp:94:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  LOG.open(string(par::output_file_name + ".log").c_str());
data/plink-1.07+dfsg/plink.cpp:888:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  P.haplo->HIMPUTE.open((par::output_file_name+".phased.out").c_str(), ios::out);
data/plink-1.07+dfsg/plink.cpp:1267:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  HET.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/plink.cpp:1312:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  RUN.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/plink.cpp:1703:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  P.haplo->HTEST.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/plink.cpp:1720:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  P.haplo->HTEST.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/plink.cpp:1737:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  P.haplo->HTEST.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/plink.cpp:1917:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SEG.open(par::read_segment_filename.c_str(),ios::in);
data/plink-1.07+dfsg/plink.cpp:2043:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SEG.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/plink.cpp:2086:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MP.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/plink.cpp:2096:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  GMULTI.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/poo.cpp:135:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/poo.cpp:181:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/poo.cpp:246:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/prephap.cpp:97:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[500000];
data/plink-1.07+dfsg/prephap.cpp:348:41: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (P.locus[locusList[ck]]->chr != atoi(tokens[1].c_str()))
data/plink-1.07+dfsg/prephap.cpp:390:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = atoi(tokens[3].c_str());
data/plink-1.07+dfsg/prephap.cpp:449:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = atoi(tokens[3].c_str());
data/plink-1.07+dfsg/profile.cpp:81:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Q1.open( par::score_qrange_file.c_str() , ios::in );
data/plink-1.07+dfsg/profile.cpp:128:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PROFIN.open( par::score_risk_file.c_str(), ios::in );
data/plink-1.07+dfsg/profile.cpp:229:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  O1.open( (par::output_file_name + suffix + ".nopred").c_str() , ios::out );
data/plink-1.07+dfsg/profile.cpp:265:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PROFOUT.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/profile.cpp:358:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PROFOUT.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/profile.cpp:385:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  PROFOUT.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/qfam.cpp:372:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open((par::output_file_name+f).c_str(),ios::out);
data/plink-1.07+dfsg/r.cpp:73:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ROUT.open((par::output_file_name+".auto.R").c_str(), ios::out);
data/plink-1.07+dfsg/r.cpp:84:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg[128];
data/plink-1.07+dfsg/r.cpp:99:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  RSCRIPT.open((par::output_file_name+".debug.R").c_str(), ios::out);
data/plink-1.07+dfsg/segment.cpp:229:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SEGS.open( (par::output_file_name+".segtest1.mperm").c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:262:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SEGS.open( (par::output_file_name+".segtest1").c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:857:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIBS.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:1087:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIBS.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:1115:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIBS.open(f.c_str(), ios::out);
data/plink-1.07+dfsg/segment.cpp:1293:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIBS.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:1438:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SSEG.open( f.c_str() , ios::app );
data/plink-1.07+dfsg/segment.cpp:1440:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SSEG.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:1808:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  HOM.open( f.c_str() , ios::out );
data/plink-1.07+dfsg/segment.cpp:1967:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SEG.open( f.c_str(), ios::out );
data/plink-1.07+dfsg/segment.cpp:2353:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MOUT.open( ( par::output_file_name + ".cnv.bed").c_str() , ios::out );
data/plink-1.07+dfsg/sets.cpp:170:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SET1.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/sets.cpp:174:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SET2.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/sets.cpp:365:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SOUT.open( ( par::output_file_name + ".ldset").c_str() , ios::out);
data/plink-1.07+dfsg/setscreen.cpp:60:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SSUM.open( (par::output_file_name + ".set.summary").c_str() , ios::out);
data/plink-1.07+dfsg/setscreen.cpp:70:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  RESIN.open( par::set_screen_resultfile.c_str() , ios::in );
data/plink-1.07+dfsg/setscreen.cpp:179:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SVERB.open( (par::output_file_name+".set.summary.verbose").c_str(), ios::out );
data/plink-1.07+dfsg/sharing.cpp:89:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ASC.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/simul.cpp:537:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIM.open( par::simul_file.c_str(), ios::in );
data/plink-1.07+dfsg/simul.cpp:1044:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  SIM.open( par::simul_file.c_str(), ios::in );
data/plink-1.07+dfsg/sisocks.h:145:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  default: sprintf(buf,"unknown socket error %d",sockerrno);
data/plink-1.07+dfsg/sockets.cpp:78:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out_buf[BUF_SIZE+1]; // Output buffer for GET request
data/plink-1.07+dfsg/sockets.cpp:79:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char in_buf[BUF_SIZE+1]; // Input buffer for response
data/plink-1.07+dfsg/sockets.cpp:122:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char echoBuffer[BUF_SIZE + 1]; // Buffer for echo string + \0
data/plink-1.07+dfsg/tag.cpp:125:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  O2.open( ( par::output_file_name + ".tags.list").c_str() , ios::out );
data/plink-1.07+dfsg/tag.cpp:271:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  O1.open( (par::output_file_name+".tags").c_str(), ios::out);
data/plink-1.07+dfsg/tdt.cpp:296:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/tdt.cpp:345:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/tdt.cpp:398:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/tdt.cpp:467:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  TDT.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/tdt.cpp:496:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MT.open( (par::output_file_name + ".mt").c_str(), ios::out);
data/plink-1.07+dfsg/tinput.cpp:100:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loc->bp = (long int)atoi(bp.c_str());
data/plink-1.07+dfsg/trio.cpp:433:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  MEN.open(f.c_str(),ios::out);
data/plink-1.07+dfsg/trio.cpp:434:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MENL.open(fl.c_str(),ios::out);
data/plink-1.07+dfsg/trio.cpp:435:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MENI.open(fi.c_str(),ios::out);
data/plink-1.07+dfsg/trio.cpp:436:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  MENF.open(ff.c_str(),ios::out);
data/plink-1.07+dfsg/trio.cpp:1036:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  POUT.open( (par::output_file_name+".tucc.ped").c_str(), ios::out);
data/plink-1.07+dfsg/webcheck.cpp:78:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  VER.open(".pversion",ios::in);
data/plink-1.07+dfsg/webcheck.cpp:214:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  VER.open(".pversion",ios::out);
data/plink-1.07+dfsg/whap.cpp:109:6: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  CH.open((par::output_file_name+".chap").c_str(),ios::out);
data/plink-1.07+dfsg/zed.cpp:26:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(f,cmode);
data/plink-1.07+dfsg/zed.cpp:35:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void ZInput::open(string f, bool cmode)
data/plink-1.07+dfsg/zed.cpp:49:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  zinf.open( filename.c_str() );
data/plink-1.07+dfsg/zed.cpp:55:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inf.open( filename.c_str() );
data/plink-1.07+dfsg/zed.cpp:130:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void ZOutput::open(string f, bool cmode)
data/plink-1.07+dfsg/zed.cpp:145:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  zoutf.open( filename.c_str() );
data/plink-1.07+dfsg/zed.cpp:153:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outf.open( filename.c_str() );
data/plink-1.07+dfsg/zed.cpp:163:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(f,cmode);
data/plink-1.07+dfsg/zed.h:23:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_LINE_LENGTH];
data/plink-1.07+dfsg/zed.h:36:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(string, bool);
data/plink-1.07+dfsg/zed.h:58:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_LINE_LENGTH];
data/plink-1.07+dfsg/zed.h:62:8: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open(string,bool);
data/plink-1.07+dfsg/zfstream.cpp:51:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzfilebuf::open(const char *name,
data/plink-1.07+dfsg/zfstream.cpp:62:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char char_mode[6] = "\0\0\0\0\0";
data/plink-1.07+dfsg/zfstream.cpp:90:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char char_mode[6] = "\0\0\0\0\0";
data/plink-1.07+dfsg/zfstream.cpp:384:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(name, mode);
data/plink-1.07+dfsg/zfstream.cpp:398:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzifstream::open(const char* name,
data/plink-1.07+dfsg/zfstream.cpp:401:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!sb.open(name, mode | std::ios_base::in))
data/plink-1.07+dfsg/zfstream.cpp:439:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  this->open(name, mode);
data/plink-1.07+dfsg/zfstream.cpp:453:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzofstream::open(const char* name,
data/plink-1.07+dfsg/zfstream.cpp:456:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!sb.open(name, mode | std::ios_base::out))
data/plink-1.07+dfsg/zfstream.h:66:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(const char* name,
data/plink-1.07+dfsg/zfstream.h:285:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(const char* name,
data/plink-1.07+dfsg/zfstream.h:374:3: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open(const char* name,
data/plink-1.07+dfsg/Rconnection.cpp:107:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int tl=strlen(txt)+1;
data/plink-1.07+dfsg/Rconnection.cpp:148:15: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int Rmessage::read(int s) {
data/plink-1.07+dfsg/Rconnection.cpp:557:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  this->host=(char*)malloc(strlen(host)+1);
data/plink-1.07+dfsg/Rconnection.cpp:665:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return msg->read(s);
data/plink-1.07+dfsg/Rconnection.cpp:674:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return targetMsg->read(s);
data/plink-1.07+dfsg/Rconnection.cpp:692:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int tl=strlen(symbol)+1;
data/plink-1.07+dfsg/Rconnection.cpp:830:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  authbuf=(char*) malloc(strlen(user)+strlen(pwd)+22);
data/plink-1.07+dfsg/Rconnection.cpp:830:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  authbuf=(char*) malloc(strlen(user)+strlen(pwd)+22);
data/plink-1.07+dfsg/Rconnection.cpp:831:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(authbuf, user); c=authbuf+strlen(user);
data/plink-1.07+dfsg/Rconnection.h:93:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read(int s);
data/plink-1.07+dfsg/Rconnection.h:265:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Rstring(const char *str) : Rexp(XT_STR, str, strlen(str)+1) {}
data/plink-1.07+dfsg/binput.cpp:287:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:343:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:376:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:424:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:438:10: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:444:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/binput.cpp:467:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/bmerge.cpp:723:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  BIT.read(ch,1);
data/plink-1.07+dfsg/gvar.cpp:174:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(GV) != '\n' && !feof(GV)) {}
data/plink-1.07+dfsg/helper.cpp:750:17: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(fp);
data/plink-1.07+dfsg/homozyg.cpp:396:15: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if ((double)mismatch/(double)(finish-start+1) > 1-par::fuzzy_homo ) return false;
data/plink-1.07+dfsg/homozyg.cpp:588:15: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if ((double)mismatch/(double)(finish-start+1) > 1-par::fuzzy_homo ) return false;
data/plink-1.07+dfsg/input.cpp:126:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(PED) != '\n' && !feof(PED)) {}
data/plink-1.07+dfsg/input.cpp:292:15: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/input.cpp:337:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/merge.cpp:494:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(PED) != '\n' && !feof(PED)) {}
data/plink-1.07+dfsg/merge.cpp:636:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/merge.cpp:666:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/merge.cpp:999:12: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if (mismatch)
data/plink-1.07+dfsg/merge.cpp:1069:15: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if ( ! mismatch )
data/plink-1.07+dfsg/merge.cpp:1073:8: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if (mismatch)
data/plink-1.07+dfsg/sisocks.h:128:17: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EBADF: strncpy(buf,"bad descriptor",blen); break;
data/plink-1.07+dfsg/sisocks.h:129:18: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EINVAL: strncpy(buf,"already in use",blen); break;
data/plink-1.07+dfsg/sisocks.h:130:18: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EACCES: strncpy(buf,"access denied",blen); break;
data/plink-1.07+dfsg/sisocks.h:131:20: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case ENOTSOCK: strncpy(buf,"descriptor is not a socket",blen); break;
data/plink-1.07+dfsg/sisocks.h:132:22: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EOPNOTSUPP: strncpy(buf,"operation not supported",blen); break;
data/plink-1.07+dfsg/sisocks.h:133:18: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EFAULT: strncpy(buf,"fault",blen); break;
data/plink-1.07+dfsg/sisocks.h:134:23: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EWOULDBLOCK: strncpy(buf,"operation would block",blen); break;
data/plink-1.07+dfsg/sisocks.h:135:19: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EISCONN: strncpy(buf,"is already connected",blen); break;
data/plink-1.07+dfsg/sisocks.h:136:24: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case ECONNREFUSED: strncpy(buf,"connection refused",blen); break;
data/plink-1.07+dfsg/sisocks.h:137:21: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case ETIMEDOUT: strncpy(buf,"operation timed out",blen); break;
data/plink-1.07+dfsg/sisocks.h:138:23: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case ENETUNREACH: strncpy(buf,"network is unreachable",blen); break;
data/plink-1.07+dfsg/sisocks.h:139:22: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EADDRINUSE: strncpy(buf,"address already in use",blen); break;
data/plink-1.07+dfsg/sisocks.h:140:23: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EINPROGRESS: strncpy(buf,"in progress",blen); break;
data/plink-1.07+dfsg/sisocks.h:141:20: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  case EALREADY: strncpy(buf,"previous connect request not completed yet",blen); break;
data/plink-1.07+dfsg/tinput.cpp:95:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(MAP) != '\n' && !feof(MAP)) {}
data/plink-1.07+dfsg/tinput.cpp:349:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(PED) != '\n' && !feof(PED)) {}
data/plink-1.07+dfsg/tinput.cpp:357:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(PED) != '\n' && !feof(PED)) {}
data/plink-1.07+dfsg/tinput.cpp:389:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/tinput.cpp:419:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char ch = fgetc(PED);
data/plink-1.07+dfsg/zfstream.cpp:146:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(c_mode, "w");
data/plink-1.07+dfsg/zfstream.cpp:148:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(c_mode, "a");
data/plink-1.07+dfsg/zfstream.cpp:150:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(c_mode, "w");
data/plink-1.07+dfsg/zfstream.cpp:152:5: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(c_mode, "r");
data/plink-1.07+dfsg/zfstream.cpp:160:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(c_mode) == 0)
data/plink-1.07+dfsg/zfstream.cpp:163:5: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(c_mode, "b");

ANALYSIS SUMMARY:

Hits = 379
Lines analyzed = 102677 in approximately 2.55 seconds (40192 lines/second)
Physical Source Lines of Code (SLOC) = 63766
Hits@level = [0] 38 [1] 57 [2] 301 [3] 10 [4] 11 [5] 0
Hits@level+ = [0+] 417 [1+] 379 [2+] 322 [3+] 21 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 6.53954 [1+] 5.94361 [2+] 5.04971 [3+] 0.329329 [4+] 0.172506 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.