Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-bioc-biostrings-2.58.0/inst/include/Biostrings_defines.h
Examining data/r-bioc-biostrings-2.58.0/inst/include/Biostrings_interface.h
Examining data/r-bioc-biostrings-2.58.0/inst/include/_Biostrings_stubs.c
Examining data/r-bioc-biostrings-2.58.0/src/BAB_class.c
Examining data/r-bioc-biostrings-2.58.0/src/Biostrings.h
Examining data/r-bioc-biostrings-2.58.0/src/BitMatrix.c
Examining data/r-bioc-biostrings-2.58.0/src/IRanges_stubs.c
Examining data/r-bioc-biostrings-2.58.0/src/MIndex_class.c
Examining data/r-bioc-biostrings-2.58.0/src/PreprocessedTB_class.c
Examining data/r-bioc-biostrings-2.58.0/src/R_init_Biostrings.c
Examining data/r-bioc-biostrings-2.58.0/src/RoSeqs_utils.c
Examining data/r-bioc-biostrings-2.58.0/src/S4Vectors_stubs.c
Examining data/r-bioc-biostrings-2.58.0/src/SparseList_utils.c
Examining data/r-bioc-biostrings-2.58.0/src/XStringSetList_class.c
Examining data/r-bioc-biostrings-2.58.0/src/XStringSet_class.c
Examining data/r-bioc-biostrings-2.58.0/src/XString_class.c
Examining data/r-bioc-biostrings-2.58.0/src/XVector_stubs.c
Examining data/r-bioc-biostrings-2.58.0/src/align_needwunsQS.c
Examining data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c
Examining data/r-bioc-biostrings-2.58.0/src/align_utils.c
Examining data/r-bioc-biostrings-2.58.0/src/find_palindromes.c
Examining data/r-bioc-biostrings-2.58.0/src/gtestsim.c
Examining data/r-bioc-biostrings-2.58.0/src/inject_code.c
Examining data/r-bioc-biostrings-2.58.0/src/letter_frequency.c
Examining data/r-bioc-biostrings-2.58.0/src/lowlevel_matching.c
Examining data/r-bioc-biostrings-2.58.0/src/match_PWM.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pattern.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pattern_boyermoore.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pattern_indels.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pattern_shiftor.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pdict.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pdict_ACtree2.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pdict_Twobit.c
Examining data/r-bioc-biostrings-2.58.0/src/match_pdict_utils.c
Examining data/r-bioc-biostrings-2.58.0/src/match_reporting.c
Examining data/r-bioc-biostrings-2.58.0/src/matchprobes.c
Examining data/r-bioc-biostrings-2.58.0/src/pmatchPattern.c
Examining data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c
Examining data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c
Examining data/r-bioc-biostrings-2.58.0/src/replaceAt.c
Examining data/r-bioc-biostrings-2.58.0/src/replace_letter_at.c
Examining data/r-bioc-biostrings-2.58.0/src/strutils.c
Examining data/r-bioc-biostrings-2.58.0/src/translate.c
Examining data/r-bioc-biostrings-2.58.0/src/unstrsplit_methods.c
Examining data/r-bioc-biostrings-2.58.0/src/utils.c
Examining data/r-bioc-biostrings-2.58.0/src/xscat.c

FINAL RESULTS:

data/r-bioc-biostrings-2.58.0/src/matchprobes.c:87:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(scratch, y);
data/r-bioc-biostrings-2.58.0/inst/include/Biostrings_defines.h:52:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char xy2val[256][256];
data/r-bioc-biostrings-2.58.0/src/SparseList_utils.c:11:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char symbbuf[11];
data/r-bioc-biostrings-2.58.0/src/XStringSet_class.c:80:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char classname[40]; /* longest string should be "DNAStringSet" */
data/r-bioc-biostrings-2.58.0/src/XString_class.c:120:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest_ptr, CHAR(src) + i1, dest->length);
data/r-bioc-biostrings-2.58.0/src/align_needwunsQS.c:143:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) RAW(tag), al1, nal * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_needwunsQS.c:149:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) RAW(tag), al2, nal * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:870:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, mismatchBuffer.pattern, mismatchBuffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:873:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, mismatchBuffer.subject, mismatchBuffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:877:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&mismatchBuffer.pattern[mismatchBuffer.usedSpace], align1Info.mismatch,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:880:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&mismatchBuffer.subject[mismatchBuffer.usedSpace], align2Info.mismatch,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:895:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, indel1Buffer.start, indel1Buffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:898:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, indel1Buffer.width, indel1Buffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:901:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&indel1Buffer.start[indel1Buffer.usedSpace], align1Info.startIndel,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:903:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&indel1Buffer.width[indel1Buffer.usedSpace], align1Info.widthIndel,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:918:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, indel2Buffer.start, indel2Buffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:921:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tempIntPtr, indel2Buffer.width, indel2Buffer.usedSpace * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:924:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&indel2Buffer.start[indel2Buffer.usedSpace], align2Info.startIndel,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:926:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&indel2Buffer.width[indel2Buffer.usedSpace], align2Info.widthIndel,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:959:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedPatternMismatchValues), mismatchBuffer.pattern,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:970:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedPatternIndelRangeStart), indel1Buffer.start,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:972:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedPatternIndelRangeWidth), indel1Buffer.width,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:997:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedSubjectMismatchValues), mismatchBuffer.subject,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:1008:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedSubjectIndelRangeStart), indel2Buffer.start,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:1010:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(INTEGER(alignedSubjectIndelRangeWidth), indel2Buffer.width,
data/r-bioc-biostrings-2.58.0/src/align_utils.c:128:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&alignedStringPtr[index], origStringPtr, *rangeWidth * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_utils.c:137:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&alignedStringPtr[index], origStringPtr, copyElements * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_utils.c:148:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&alignedStringPtr[index], origStringPtr, copyElements * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_utils.c:280:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *outputPtr = (char *) R_alloc((long) (INTEGER(maxNChar)[0] + 1), sizeof(char));
data/r-bioc-biostrings-2.58.0/src/align_utils.c:290:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(outputPtr, patternPtr, numberOfChars * sizeof(char));
data/r-bioc-biostrings-2.58.0/src/inject_code.c:22:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(tag), X.ptr, X.length);
data/r-bioc-biostrings-2.58.0/src/letter_frequency.c:372:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ans_elt_buf[16];
data/r-bioc-biostrings-2.58.0/src/match_pdict.c:417:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ans_col, count_buf->elts,
data/r-bioc-biostrings-2.58.0/src/match_pdict_utils.c:173:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(grouped_keys->elts + 1, INTEGER(dups),
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:14:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char errmsg_buf[200];
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:54:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) dest->ptr + dest->length,
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:243:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[IOBUF_SIZE];
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:630:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[IOBUF_SIZE];
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:12:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char errmsg_buf[200];
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:52:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) dest->ptr + dest->length,
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:310:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[IOBUF_SIZE];
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:655:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[IOBUF_SIZE];
data/r-bioc-biostrings-2.58.0/src/replaceAt.c:100:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest + dest_offset, x_holder->ptr + x_offset,
data/r-bioc-biostrings-2.58.0/src/replaceAt.c:108:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest + dest_offset, value_elt_holder.ptr,
data/r-bioc-biostrings-2.58.0/src/replaceAt.c:116:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest + dest_offset, x_holder->ptr + x_offset,
data/r-bioc-biostrings-2.58.0/src/replace_letter_at.c:13:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char errmsg_buf[200];
data/r-bioc-biostrings-2.58.0/src/replace_letter_at.c:110:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) RAW(tag), X.ptr, X.length);
data/r-bioc-biostrings-2.58.0/src/translate.c:10:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char errmsg_buf[200];
data/r-bioc-biostrings-2.58.0/src/unstrsplit_methods.c:34:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, sep, sep_len);
data/r-bioc-biostrings-2.58.0/src/unstrsplit_methods.c:38:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, x_elt_holder.ptr, x_elt_holder.length);
data/r-bioc-biostrings-2.58.0/src/unstrsplit_methods.c:57:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ans_element_type[37]; /* longest string should be "DNAString" */
data/r-bioc-biostrings-2.58.0/src/xscat.c:45:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) RAW(ans_tag) + tag_offset,
data/r-bioc-biostrings-2.58.0/src/xscat.c:124:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((char *) ans_elt_holder.ptr +
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:54:7: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  int* mismatch;
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:192:20: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  align1InfoPtr->mismatch[align1InfoPtr->lengthMismatch] = nCharString1 - i;
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:193:20: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  align2InfoPtr->mismatch[align2InfoPtr->lengthMismatch] = nCharString2 - j;
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:394:25: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  memset(align1InfoPtr->mismatch, 0, alignmentBufferSize * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:395:25: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  memset(align2InfoPtr->mismatch, 0, alignmentBufferSize * sizeof(int));
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:877:74: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  memcpy(&mismatchBuffer.pattern[mismatchBuffer.usedSpace], align1Info.mismatch,
data/r-bioc-biostrings-2.58.0/src/align_pairwiseAlignment.c:880:74: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  memcpy(&mismatchBuffer.subject[mismatchBuffer.usedSpace], align2Info.mismatch,
data/r-bioc-biostrings-2.58.0/src/align_utils.c:289:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int numberOfChars = strlen(patternPtr);
data/r-bioc-biostrings-2.58.0/src/match_pattern_indels.c:15:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  P.length = strlen(P.ptr);
data/r-bioc-biostrings-2.58.0/src/match_pattern_indels.c:17:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  S.length = strlen(S.ptr);
data/r-bioc-biostrings-2.58.0/src/matchprobes.c:75:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rv->len = strlen(y);
data/r-bioc-biostrings-2.58.0/src/matchprobes.c:80:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(y);
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:247:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FASTA_desc_markup_length = strlen(FASTA_desc_markup);
data/r-bioc-biostrings-2.58.0/src/read_fasta_files.c:265:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbyte_in = strlen(buf);
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:315:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FASTQ_line1_markup_length = strlen(FASTQ_line1_markup);
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:316:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  FASTQ_line3_markup_length = strlen(FASTQ_line3_markup);
data/r-bioc-biostrings-2.58.0/src/read_fastq_files.c:334:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbyte_in = strlen(buf);
data/r-bioc-biostrings-2.58.0/src/strutils.c:49:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(pc)!=1) {
data/r-bioc-biostrings-2.58.0/src/strutils.c:51:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(pc));
data/r-bioc-biostrings-2.58.0/src/strutils.c:63:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(j=0; j<strlen(seq); j++) {

ANALYSIS SUMMARY:

Hits = 73
Lines analyzed = 14415 in approximately 0.36 seconds (39928 lines/second)
Physical Source Lines of Code (SLOC) = 10521
Hits@level = [0] 24 [1] 20 [2] 52 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 97 [1+] 73 [2+] 53 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 9.21966 [1+] 6.9385 [2+] 5.03754 [3+] 0.095048 [4+] 0.095048 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.