Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/sga-0.10.15/src/SGA/assemble.cpp:234:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20).
  Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/bwt2fa.cpp:96:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/cluster.cpp:292:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/connect.cpp:465:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/correct.cpp:277:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));

data/sga-0.10.15/src/SGA/correct.cpp:330:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/extract.cpp:86:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/filter.cpp:217:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/filterBAM.cpp:438:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/fm-merge.cpp:164:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/gapfill.cpp:148:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/gen-ssa.cpp:108:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/gmap.cpp:303:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/graph-concordance.cpp:437:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/graph-diff.cpp:493:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/haplotype-filter.cpp:284:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(NULL));

data/sga-0.10.15/src/SGA/haplotype-filter.cpp:1066:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/index.cpp:276:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/kmer-count.cpp:63:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/merge.cpp:173:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/overlap-long.cpp:338:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/overlap.cpp:327:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/oview.cpp:202:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/preprocess.cpp:202:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(opt::seed);

data/sga-0.10.15/src/SGA/preprocess.cpp:616:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/preqc.cpp:2090:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/rewrite-evidence-bam.cpp:158:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/rmdup.cpp:348:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/scaffold.cpp:189:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/scaffold2fasta.cpp:196:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/somatic-variant-filters.cpp:794:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/stats.cpp:171:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/subgraph.cpp:169:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/variant-detectability.cpp:137:5: [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom( time(NULL) );

data/sga-0.10.15/src/SGA/variant-detectability.cpp:142:26: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  size_t chr_idx = random() % num_ref;

data/sga-0.10.15/src/SGA/variant-detectability.cpp:147:27: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  size_t base_idx = random() % l;

data/sga-0.10.15/src/SGA/variant-detectability.cpp:153:21: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int j = random() % 4;

data/sga-0.10.15/src/SGA/variant-detectability.cpp:205:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/SGA/walk.cpp:323:23: [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  for (char c; (c = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1;)

data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:4616:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_fileHandle.open(fileName.c_str());

data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:4905:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_outputFileHandle.open(fileName.c_str());

data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:4911:27: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_inputFileHandle.open(fileName.c_str());

data/sga-0.10.15/src/SGA/preqc.cpp:119:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sorted_bases[5] = "ACGT";
data/sga-0.10.15/src/SGA/preqc.cpp:1738:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sorted_bases[5] = "ACGT";
data/sga-0.10.15/src/SQG/ASQG.cpp:313:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char recordTag[RECORD_TAG_SIZE];
data/sga-0.10.15/src/SuffixTools/BWTCARopebwt.cpp:18:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char seq_nt6_table[128] = {
data/sga-0.10.15/src/Thirdparty/bcr.c:479:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tmpfp = fopen(b->tmpfn, "wb");
data/sga-0.10.15/src/Thirdparty/bcr.c:485:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tmpfp = fopen(b->tmpfn, "rb");
data/sga-0.10.15/src/Thirdparty/gzstream.C:51:27: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzstreambuf* gzstreambuf::open( const char* name, int open_mode) {
data/sga-0.10.15/src/Thirdparty/gzstream.C:59:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmode[10];
data/sga-0.10.15/src/Thirdparty/gzstream.C:94:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( buffer + (4 - n_putback), gptr() - n_putback, n_putback);
data/sga-0.10.15/src/Thirdparty/gzstream.C:148:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open( name, mode);
data/sga-0.10.15/src/Thirdparty/gzstream.C:155:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void gzstreambase::open( const char* name, int open_mode) {
data/sga-0.10.15/src/Thirdparty/gzstream.C:156:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ( !
  buf.open( name, open_mode))
data/sga-0.10.15/src/Thirdparty/gzstream.h:58:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[bufferSize]; // data buffer
data/sga-0.10.15/src/Thirdparty/gzstream.h:72:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzstreambuf* open( const char* name, int open_mode);
data/sga-0.10.15/src/Thirdparty/gzstream.h:88:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( const char* name, int open_mode);
data/sga-0.10.15/src/Thirdparty/gzstream.h:105:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( const char* name, int open_mode = std::ios::in) {
data/sga-0.10.15/src/Thirdparty/gzstream.h:106:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzstreambase::open( name, open_mode);
data/sga-0.10.15/src/Thirdparty/gzstream.h:116:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void open( const char* name, int open_mode = std::ios::out) {
data/sga-0.10.15/src/Thirdparty/gzstream.h:117:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzstreambase::open( name, open_mode);
data/sga-0.10.15/src/Thirdparty/rapidjson/allocators.h:183:10: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  return memcpy(newBuffer, originalPtr, originalSize);
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:173:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(this, &rhs, sizeof(GenericValue));
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:604:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char padding[4];
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:608:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char padding2[4];
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:612:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char padding[4];
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:616:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char padding2[4];
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:648:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data_.a.elements, values, count * sizeof(GenericValue));
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:656:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data_.o.members, members, count * sizeof(Member));
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:674:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(const_cast<Ch*>(data_.s.str), s, length * sizeof(Ch));
data/sga-0.10.15/src/Thirdparty/rapidjson/document.h:680:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(this, &rhs, sizeof(GenericValue));
data/sga-0.10.15/src/Thirdparty/rapidjson/reader.h:113:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char whitespace[16] = " \n\r\t";
data/sga-0.10.15/src/Thirdparty/rapidjson/reader.h:138:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char whitespaces[4][17] = {
data/sga-0.10.15/src/Thirdparty/rapidjson/reader.h:426:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char escape[256] = {
data/sga-0.10.15/src/Thirdparty/rapidjson/writer.h:129:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10];
data/sga-0.10.15/src/Thirdparty/rapidjson/writer.h:151:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[20];
data/sga-0.10.15/src/Thirdparty/rapidjson/writer.h:166:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[100];
data/sga-0.10.15/src/Thirdparty/rapidjson/writer.h:178:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char hexDigits[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
data/sga-0.10.15/src/Thirdparty/rapidjson/writer.h:179:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char escape[256] = {
data/sga-0.10.15/src/Thirdparty/stdaln.c:33:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char aln_nt16_table[256] = {
data/sga-0.10.15/src/Thirdparty/stdaln.c:54:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char aln_nt4_table[256] = {
data/sga-0.10.15/src/Thirdparty/stdaln.c:75:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char aln_aa_table[256] = {
data/sga-0.10.15/src/Thirdparty/stdaln.c:97:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char aln_trans_table_eu[66] = {
data/sga-0.10.15/src/Util/Alphabet.h:36:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char ALPHABET[ALPHABET_SIZE] = {'A', 'C', 'G', 'T', '$'};
data/sga-0.10.15/src/Util/Alphabet.h:37:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char RANK_ALPHABET[ALPHABET_SIZE] = {'$', 'A', 'C', 'G', 'T'};
data/sga-0.10.15/src/Util/MultiOverlap.cpp:131:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char order[5];
data/sga-0.10.15/src/Util/MultiOverlap.cpp:189:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sorted[ALPHABET_SIZE];
data/sga-0.10.15/src/Util/MultiOverlap.cpp:281:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sorted[ALPHABET_SIZE];
data/sga-0.10.15/src/Util/Util.cpp:434:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int p1 = atoi(parts[1].c_str());
data/sga-0.10.15/src/Util/Util.cpp:440:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int p2 = atoi(parts[1].c_str());
data/sga-0.10.15/src/Util/VCFUtil.cpp:414:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dateBuffer [MAX_DATE_CHARS];
data/sga-0.10.15/src/Algorithm/ClusterProcess.cpp:33:45: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ClusterNode node = cluster.addSeed(item.read.seq.toString(), true);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:35:41: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  assert(getPairID(workItemPair.first.read.id) == workItemPair.second.read.id);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:35:73: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  assert(getPairID(workItemPair.first.read.id) == workItemPair.second.read.id);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:38:71: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  StringGraphGenerator localGraph(m_pOverlapper, workItemPair.first.read, workItemPair.second.read, m_minOverlap, ED_SENSE, m_maxDistance);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:38:97: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  StringGraphGenerator localGraph(m_pOverlapper, workItemPair.first.read, workItemPair.second.read, m_minOverlap, ED_SENSE, m_maxDistance);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:79:56: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  record.id = getPairBasename(workItemPair.first.read.id);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:85:28: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  workItemPair.first.read.write(*m_pUnconnectedWriter);
data/sga-0.10.15/src/Algorithm/ConnectProcess.cpp:86:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  workItemPair.second.read.write(*m_pUnconnectedWriter);
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:39:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << workItem.read.id << " failed error correction QC\n";
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:88:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = workItem.read;
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:89:41: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string originalRead = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:167:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = workItem.read;
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:168:45: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string current_sequence = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:209:43: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  result.correctSequence = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:227:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = workItem.read;
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:228:41: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string readSequence = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:231:54: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << "Kmer correcting read " << workItem.read.id << "\n";
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:260:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int ps = workItem.read.getPhredScore(j);
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:319:42: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << "Read " << workItem.read.id << (allSolid ? " is solid\n" : " has potential errors\n");
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:333:38: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int phred = workItem.read.getPhredScore(i);
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:364:43: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  result.correctSequence = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:426:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = workItem.read;
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:427:34: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string query = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:551:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  collectMetrics(item.read.seq.toString(),
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:553:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  item.read.qual);
data/sga-0.10.15/src/Algorithm/ErrorCorrectProcess.cpp:556:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord record = item.read;
data/sga-0.10.15/src/Algorithm/FMMergeProcess.cpp:36:35: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string readString = item.read.seq.toString();
data/sga-0.10.15/src/Algorithm/FMMergeProcess.cpp:151:78: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126).
  This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  BWTInterval::equal);
data/sga-0.10.15/src/Algorithm/LRAlignment.cpp:154:106: [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  int match_score = qci == p->parent_cidx ? params.alnParams.match : -params.alnParams.mismatch;
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:19:62: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult OverlapAlgorithm::overlapRead(const SeqRecord& read, int minOverlap, OverlapBlockList* pOutList) const
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:22:25: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(static_cast<int>(read.seq.length()) < minOverlap)
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:26:32: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = overlapReadInexact(read, minOverlap, pOutList);
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:28:30: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = overlapReadExact(read, minOverlap, pOutList);
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:33:69: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult OverlapAlgorithm::overlapReadInexact(const SeqRecord& read, int minOverlap, OverlapBlockList* pOBOut) const
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:37:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string seq = read.seq.toString();
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:40:48: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << "\n\n***Overlapping read " << read.id << " suffix\n";
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:70:48: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << "\n\n***Overlapping read " << read.id << " prefix\n";
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:106:69: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult OverlapAlgorithm::alignReadDuplicate(const SeqRecord& read, OverlapBlockList* pOBOut) const
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:110:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string seq = read.seq.toString();
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:121:67: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult OverlapAlgorithm::overlapReadExact(const SeqRecord& read, int minOverlap, OverlapBlockList* pOBOut) const
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:128:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string seq = read.seq.toString();
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:191:79: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void OverlapAlgorithm::writeResultASQG(std::ostream& writer, const SeqRecord& read, const OverlapResult& result) const
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:193:31: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ASQG::VertexRecord record(read.id, read.seq.toString());
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.cpp:193:40: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ASQG::VertexRecord record(read.id, read.seq.toString());
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.h:50:52: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult overlapRead(const SeqRecord& read, int minOverlap, OverlapBlockList* pOutList) const;
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.h:53:57: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult overlapReadExact(const SeqRecord& read, int minOverlap, OverlapBlockList* pOBOut) const;
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.h:56:59: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult alignReadDuplicate(const SeqRecord& read, OverlapBlockList* pOBOut) const;
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.h:59:59: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult overlapReadInexact(const SeqRecord& read, int minOverlap, OverlapBlockList* pOBOut) const;
data/sga-0.10.15/src/Algorithm/OverlapAlgorithm.h:62:69: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void writeResultASQG(std::ostream& writer, const SeqRecord& read, const OverlapResult& result) const;
data/sga-0.10.15/src/Algorithm/OverlapBlock.h:59:14: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::istream& in)
data/sga-0.10.15/src/Algorithm/OverlapBlock.h:61:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  data.read(in);
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:100:30: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string w = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:206:30: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string w = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:265:26: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string w = item.read.seq.toString();
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:365:26: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string w = item.read.seq.toString();
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:410:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord record = item.read;
data/sga-0.10.15/src/Algorithm/QCProcess.cpp:421:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  newID << item.read.id << ",seqrank=" << item.idx;
data/sga-0.10.15/src/Algorithm/ReadCluster.cpp:204:74: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14.
  Consider using a form of this function that checks the second iterator before potentially overflowing it.
  ClusterNode::equal);
data/sga-0.10.15/src/Algorithm/ReadCluster.h:29:24: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  static inline bool equal(const ClusterNode& a, const ClusterNode& b)
data/sga-0.10.15/src/Algorithm/ReadCluster.h:31:29: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return BWTInterval::equal(a.interval, b.interval);
data/sga-0.10.15/src/Algorithm/SearchSeed.h:49:25: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(BWTInterval::equal(a.ranges.inteval[0], b.ranges.interval[0]))
data/sga-0.10.15/src/Algorithm/SearchSeed.h:52:29: [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return BWTInterval::equal(a.ranges.interval[0], b.ranges.interval[0]);
data/sga-0.10.15/src/Algorithm/StatsProcess.cpp:48:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string readSequence = workItem.read.seq.toString();
data/sga-0.10.15/src/Algorithm/StatsProcess.cpp:69:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = workItem.read;
data/sga-0.10.15/src/Concurrency/OverlapProcess.cpp:31:64: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult result = m_pOverlapper->overlapRead(workItem.read, m_minOverlap, &m_blockList);
data/sga-0.10.15/src/Concurrency/OverlapProcess.cpp:50:57: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pOverlapper->writeResultASQG(*m_pASQGWriter, item.read, result);
data/sga-0.10.15/src/Concurrency/RmdupProcess.cpp:30:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  OverlapResult result = m_pOverlapper->alignReadDuplicate(workItem.read, &m_blockList);
data/sga-0.10.15/src/Concurrency/RmdupProcess.cpp:32:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  *m_pWriter << workItem.read.id << "\t" << workItem.read.seq.toString() << "\t";
data/sga-0.10.15/src/Concurrency/RmdupProcess.cpp:32:56: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  *m_pWriter << workItem.read.id << "\t" << workItem.read.seq.toString() << "\t";
data/sga-0.10.15/src/Concurrency/SequenceWorkItem.h:18:65: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SequenceWorkItem(size_t ri, const SeqRecord& sr) : idx(ri), read(sr) {}
data/sga-0.10.15/src/Concurrency/SequenceWorkItem.h:20:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord read;
data/sga-0.10.15/src/Concurrency/SequenceWorkItem.h:41:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord read;
data/sga-0.10.15/src/Concurrency/SequenceWorkItem.h:42:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool valid = m_pReader->get(read);
data/sga-0.10.15/src/Concurrency/SequenceWorkItem.h:46:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out.read = read;
data/sga-0.10.15/src/GraphDiff/DindelHMM.cpp:47:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DindelHMM::DindelHMM(DindelRead & read, const DindelMultiHaplotype & haplotype) : m_pRead(&read), m_pHaplotype(& haplotype)
data/sga-0.10.15/src/GraphDiff/DindelHMM.cpp:47:92: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DindelHMM::DindelHMM(DindelRead & read, const DindelMultiHaplotype & haplotype) : m_pRead(&read), m_pHaplotype(& haplotype)
data/sga-0.10.15/src/GraphDiff/DindelHMM.cpp:198:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  HMMForward(read, hap, -5, false);
data/sga-0.10.15/src/GraphDiff/DindelHMM.h:25:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DindelHMM(DindelRead & read, const DindelMultiHaplotype & haplotype);
data/sga-0.10.15/src/GraphDiff/DindelHMM.h:258:60: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ReadHaplotypeAlignment DindelHMMForward(const DindelRead & read,
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:820:130: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int DindelHaplotype::getClosestDistance(const DindelVariant& variant, int hapPosStartRead, int hapPosEndRead, const DindelRead & read) const
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:854:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (endRead>read.length()-1) endRead = read.length()-1;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:854:52: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (endRead>read.length()-1) endRead = read.length()-1;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:857:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (startRead>read.length()-1) return -1; // ignore this case
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:871:58: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << std::string(spacer, ' ') << read.getSequence() << "\n";
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:879:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read.getBase(startRead + b) != this->m_seq.at(s+b))
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1576:107: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << std::endl << "====> START 1 DindelRealignWindow::computeReadHaplotypeAlignment " << read.getID() << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1596:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int dlen = end+1-start-read.length();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1597:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int rlen = read.length();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1606:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string rseq = read.getSequence();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1613:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rseq = read.getSequence().substr(-start, read.length());
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1613:54: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rseq = read.getSequence().substr(-start, read.length());
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1617:165: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << "DLEN: " << dlen << " RLEN: " << rlen << " hlen: " << hlen << " start: " << start << " end: " << end << " read_index: " << readIndex << " " << read.getID() << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1628:70: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool countMismatch = (realignParameters.addSNPMinMappingQual<read.getMappingQual())?true:false;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1641:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  match = (read.getBase(b) == haplotype.getSequence()[x])?true:false;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1652:58: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  mismatches.push_back(Mismatch(x, read.getBase(b)));
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1664:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  match = (_complement(read.getBase(rlen-1-b)) == haplotype.getSequence()[x])?true:false;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1676:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  mismatches.push_back(Mismatch(x, _complement(read.getBase(rlen-1-b))));
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1915:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cache_key << h << ":" << read.getSequence() << ":" << read.getQualString();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1915:63: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cache_key << h << ":" << read.getSequence() << ":" << read.getQualString();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1926:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DindelHMM hmm(read, haplotype);
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1944:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int start = end-read.length()+1;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1945:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool rcReadSeq=read.getRCRead();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1987:136: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (DINDEL_DEBUG) std::cout << "\n*****\nDindelRealignWindow::computeReadHaplotypeAlignmentsUsingHMM reads[" << r << "]: " << read.getID() << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:1991:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.getLogProbCorrectError(lpCorrect, lpError);
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2024:37: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out << "ALIGNMENTS for read " << read.getID() << " sample: " << read.getSampleName() << " seq: " << read.getSequence() << " ref lik: " << hapReadAlignments[0][readIdx].logLik << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2024:68: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out << "ALIGNMENTS for read " << read.getID() << " sample: " << read.getSampleName() << " seq: " << read.getSequence() << " ref lik: " << hapReadAlignments[0][readIdx].logLik << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2024:104: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out << "ALIGNMENTS for read " << read.getID() << " sample: " << read.getSampleName() << " seq: " << read.getSequence() << " ref lik: " << hapReadAlignments[0][readIdx].logLik << std::endl;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2082:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int start = end-read.length()+1;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2083:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string readseq = read.getSequence();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2092:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (int b=start,r=0;b<=end && r<read.length();b++,r++)
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:2922:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string read_sequence = read.getSequence();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:3041:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  drra.read_name = read.getID();
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:3047:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  drra.read_sequence = read.isForward() ? read.getSequence() : reverseComplement(read.getSequence());
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:3047:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  drra.read_sequence = read.isForward() ? read.getSequence() : reverseComplement(read.getSequence());
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:3047:84: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  drra.read_sequence = read.isForward() ? read.getSequence() : reverseComplement(read.getSequence());
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.cpp:3050:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool rc_to_ref = read.isForward() ? reference_mapping.isRC : !reference_mapping.isRC;
data/sga-0.10.15/src/GraphDiff/DindelRealignWindow.h:428:121: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int getClosestDistance(const DindelVariant& variant, int hapPosStartRead, int hapPosEndRead, const DindelRead & read) const;
data/sga-0.10.15/src/GraphDiff/GraphCompare.cpp:115:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  SeqRecord currRead = item.read;
data/sga-0.10.15/src/GraphDiff/GraphCompare.cpp:116:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::string w = item.read.seq.toString();
data/sga-0.10.15/src/GraphDiff/PairedDeBruijnHaplotypeBuilder.cpp:218:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read = reverseComplement(read);
data/sga-0.10.15/src/GraphDiff/PairedDeBruijnHaplotypeBuilder.cpp:219:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  guide.addSequence(read);
data/sga-0.10.15/src/SGA/graph-diff.cpp:477:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  item.read.seq = sequence;
data/sga-0.10.15/src/SGA/graph-diff.cpp:478:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  item.read.id = "input";
data/sga-0.10.15/src/SGA/oview.cpp:21:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void detect(const SeqItem& read, const ReadTable* pRT, const OverlapMap* pOM);
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:36:24: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  static inline bool equal(const BWTInterval& a, const BWTInterval& b)
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:59:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::istream& in)
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:61:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&lower, sizeof(lower));
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:62:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&upper, sizeof(upper));
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:79:29: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return BWTInterval::equal(a.interval[0], b.interval[0]) &&
data/sga-0.10.15/src/SuffixTools/BWTInterval.h:80:29: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  BWTInterval::equal(a.interval[1], b.interval[1]);
data/sga-0.10.15/src/SuffixTools/BWTReader.h:46:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual void read(RLBWT* pRLBWT) = 0;
data/sga-0.10.15/src/SuffixTools/BWTReaderAscii.cpp:26:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void BWTReaderAscii::read(SBWT* pBWT)
data/sga-0.10.15/src/SuffixTools/BWTReaderAscii.cpp:39:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void BWTReaderAscii::read(RLBWT* pRLBWT)
data/sga-0.10.15/src/SuffixTools/BWTReaderAscii.h:28:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(SBWT* pBWT);
data/sga-0.10.15/src/SuffixTools/BWTReaderAscii.h:29:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(RLBWT* pRLBWT);
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:26:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void BWTReaderBinary::read(RLBWT* pRLBWT)
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:38:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void BWTReaderBinary::read(SBWT* pSBWT)
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:59:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&magic_number), sizeof(magic_number));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:67:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&num_strings), sizeof(num_strings));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:68:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&num_symbols), sizeof(num_symbols));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:69:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&m_numRunsOnDisk), sizeof(m_numRunsOnDisk));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:70:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&flag), sizeof(flag));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:83:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&out[0]), numRuns*sizeof(RLUnit));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.cpp:103:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  m_pReader->read(reinterpret_cast<char*>(&m_currRun), sizeof(RLUnit));
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.h:29:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual void read(RLBWT* pRLBWT);
data/sga-0.10.15/src/SuffixTools/BWTReaderBinary.h:30:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual void read(SBWT* pSBWT);
data/sga-0.10.15/src/SuffixTools/RLBWT.cpp:29:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pReader->read(this);
data/sga-0.10.15/src/SuffixTools/RankProcess.cpp:41:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  DNAString w = workItem.read.seq;
data/sga-0.10.15/src/SuffixTools/RankProcess.cpp:57:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rank = parseRankFromID(workItem.read.id);
data/sga-0.10.15/src/SuffixTools/SAReader.cpp:25:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void SAReader::read(SuffixArray* pSA)
data/sga-0.10.15/src/SuffixTools/SAReader.h:35:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(SuffixArray* pSA);
data/sga-0.10.15/src/SuffixTools/SBWT.cpp:26:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  reader.read(this);
data/sga-0.10.15/src/SuffixTools/SampledSuffixArray.cpp:22:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define SSA_READ(x) pReader->read(reinterpret_cast<char*>(&(x)), sizeof((x)));
data/sga-0.10.15/src/SuffixTools/SampledSuffixArray.cpp:23:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define SSA_READ_N(x,n) pReader->read(reinterpret_cast<char*>(&(x)), (n));
data/sga-0.10.15/src/SuffixTools/SuffixArray.cpp:24:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  reader.read(this);
data/sga-0.10.15/src/SuffixTools/SuffixCompare.cpp:56:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const char* suffix = read.getSuffix(suffix_start);
data/sga-0.10.15/src/SuffixTools/SuffixCompare.cpp:57:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  size_t suffix_len = read.getSuffixLength(suffix_start);
data/sga-0.10.15/src/SuffixTools/SuffixCompare.cpp:75:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  std::cout << x << " = " << read.getSuffixString(x.getPos()) << "\n";
data/sga-0.10.15/src/Thirdparty/rapidjson/filestream.h:33:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int c = fgetc(fp_);
data/sga-0.10.15/src/Thirdparty/stdaln.c:771:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len1 < 0) len1 = strlen(seq1);
data/sga-0.10.15/src/Thirdparty/stdaln.c:772:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len2 < 0) len2 = strlen(seq2);
data/sga-0.10.15/src/Util/BitChar.cpp:109:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void BitChar::read(std::istream& in)
data/sga-0.10.15/src/Util/BitChar.cpp:111:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&m_data, sizeof(m_data));
data/sga-0.10.15/src/Util/BitChar.h:37:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void read(std::istream& in);
data/sga-0.10.15/src/Util/DNAString.cpp:61:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(m_data, pData, m_len);
data/sga-0.10.15/src/Util/ReadTable.cpp:41:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.seq.reverse();
data/sga-0.10.15/src/Util/ReadTable.cpp:42:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  addRead(read);
data/sga-0.10.15/src/Util/ReadTable.cpp:146:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out << read.id << "\t" << read.seq.toString() << "\n";
data/sga-0.10.15/src/Util/ReadTable.cpp:146:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  out << read.id << "\t" << read.seq.toString() << "\n";
data/sga-0.10.15/src/Util/StdAlnTools.cpp:230:58: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  for (size_t i = 0; i < 25; ++i) par.matrix[i] = -params.mismatch;
data/sga-0.10.15/src/Util/StdAlnTools.h:47:9: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  int mismatch;

ANALYSIS SUMMARY:

Hits = 262
Lines analyzed = 74716 in approximately 1.64 seconds (45610 lines/second)
Physical Source Lines of Code (SLOC) = 50601
Hits@level = [0] 363 [1] 171 [2] 52 [3] 39 [4] 0 [5] 0
Hits@level+ = [0+] 625 [1+] 262 [2+] 91 [3+] 39 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 12.3515 [1+] 5.17776 [2+] 1.79838 [3+] 0.770736 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.