Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/breakpoint_graph.cpp
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/breakpoint_graph.h
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/compress_algorithms.cpp
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/compress_algorithms.h
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/disjoint_set.h
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/maf_tools.cpp
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/maf_tools.h
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/main.cpp
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/permutation.cpp
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/permutation.h
Examining data/ragout-2.3/ragout/maf2synteny/cpp_impl/utility.h
Examining data/ragout-2.3/ragout/overlap/cpp_impl/build_graph.cpp
Examining data/ragout-2.3/ragout/overlap/cpp_impl/build_graph.h
Examining data/ragout-2.3/ragout/overlap/cpp_impl/fasta.cpp
Examining data/ragout-2.3/ragout/overlap/cpp_impl/fasta.h
Examining data/ragout-2.3/ragout/overlap/cpp_impl/main.cpp
Examining data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp
Examining data/ragout-2.3/ragout/overlap/cpp_impl/overlap.h
Examining data/ragout-2.3/ragout/overlap/cpp_impl/suffix_array.cpp
Examining data/ragout-2.3/ragout/overlap/cpp_impl/suffix_array.h

FINAL RESULTS:

data/ragout-2.3/ragout/maf2synteny/cpp_impl/main.cpp:208:16: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
    while ((opt = getopt(argc, argv, optString)) != -1)
data/ragout-2.3/ragout/maf2synteny/cpp_impl/maf_tools.cpp:143:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int start = atoi(tokens[3].c_str());
data/ragout-2.3/ragout/maf2synteny/cpp_impl/maf_tools.cpp:144:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int end = atoi(tokens[4].c_str());
data/ragout-2.3/ragout/maf2synteny/cpp_impl/maf_tools.cpp:151:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    if (attr.substr(0, 2) == "id") blockId = atoi(attr.substr(3).c_str());
data/ragout-2.3/ragout/maf2synteny/cpp_impl/main.cpp:96:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int k = atoi(buffer.substr(0, sep).c_str());
data/ragout-2.3/ragout/maf2synteny/cpp_impl/main.cpp:97:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    int d = atoi(buffer.substr(sep + 1).c_str());
data/ragout-2.3/ragout/maf2synteny/cpp_impl/utility.h:29:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cstr[128];
data/ragout-2.3/ragout/overlap/cpp_impl/main.cpp:52:51: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    return !makeOverlapGraph(posArgs[1], posArgs[2], atoi(posArgs[3].c_str()),
data/ragout-2.3/ragout/overlap/cpp_impl/main.cpp:53:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    atoi(posArgs[4].c_str()), detectKmer, drawHist);
data/ragout-2.3/ragout/overlap/cpp_impl/suffix_array.cpp:44:92: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    #define chr(_a) (cs == sizeof(sais_index_type) ? ((sais_index_type *)T)[(_a)] : ((unsigned char *)T)[(_a)])
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:117:7: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read[read.length() - 1] == 'N') return;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:117:12: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read[read.length() - 1] == 'N') return;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:118:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    long long l = c_[read[read.length() - 1]];
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:118:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    long long l = c_[read[read.length() - 1]];
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:119:20: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    long long r = c_[read[read.length() - 1] + 1] - 1;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:119:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    long long r = c_[read[read.length() - 1] + 1] - 1;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:120:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    int i = read.length() - 2;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:124:8: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if (read[i] == 'N') return;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:125:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    l = c_[read[i]] + occ_[read[i]][l - 1];
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:125:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    l = c_[read[i]] + occ_[read[i]][l - 1];
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:126:11: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    r = c_[read[i]] + occ_[read[i]][r] - 1;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:126:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    r = c_[read[i]] + occ_[read[i]][r] - 1;
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:128:13: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    if ((int)read.length() - i >= minOverlap)
data/ragout-2.3/ragout/overlap/cpp_impl/overlap.cpp:140:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
    read.length() - i));

ANALYSIS SUMMARY:

Hits = 24
Lines analyzed = 2925 in approximately 0.14 seconds (21485 lines/second)
Physical Source Lines of Code (SLOC) = 2314
Hits@level = [0] 0 [1] 14 [2] 9 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 24 [1+] 24 [2+] 10 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 10.3717 [1+] 10.3717 [2+] 4.32152 [3+] 0.432152 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.