Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/skesa-2.4.0/DBGraph.hpp
Examining data/skesa-2.4.0/Integer.hpp
Examining data/skesa-2.4.0/KmerInit.hpp
Examining data/skesa-2.4.0/LargeInt.hpp
Examining data/skesa-2.4.0/LargeInt1.hpp
Examining data/skesa-2.4.0/LargeInt2.hpp
Examining data/skesa-2.4.0/Model.hpp
Examining data/skesa-2.4.0/assembler.hpp
Examining data/skesa-2.4.0/common_util.hpp
Examining data/skesa-2.4.0/concurrenthash.hpp
Examining data/skesa-2.4.0/config.hpp
Examining data/skesa-2.4.0/counter.hpp
Examining data/skesa-2.4.0/gfa.hpp
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.rbegin()+1, is->m_seq.rend(), js->m_seq.rbegin()+1, [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) { ambig.push_back(js->m_seq.back().
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.begin()+1, is->m_seq.end(), js->m_seq.begin()+1, [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) { ambig.push_back(js->m_seq.front().m_
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.rbegin(), is->m_seq.rend(), js->m_seq.rbegin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) { RemoveSegment(is);
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.rbegin(), is->m_seq.rbegin()+len, js->m_seq.rbegin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; }); int matches = rslt.first-is->m_se
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.begin(), is->m_seq.end(), js->m_seq.begin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) { RemoveSegment(is);
Parsing failed to find end of parameter list; semicolon terminated it in (is->m_seq.begin(), is->m_seq.begin()+len, js->m_seq.begin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; }); int matches = rslt.first-is->m_seq.b
Examining data/skesa-2.4.0/gfa_connector.cpp
Examining data/skesa-2.4.0/glb_align.cpp
Examining data/skesa-2.4.0/glb_align.hpp
Examining data/skesa-2.4.0/graphdigger.hpp
Examining data/skesa-2.4.0/kmercounter.cpp
Examining data/skesa-2.4.0/readsgetter.hpp
Examining data/skesa-2.4.0/skesa.cpp
Examining data/skesa-2.4.0/ngs_includes.hpp

FINAL RESULTS:

data/skesa-2.4.0/LargeInt.hpp:126:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buffer[256];

data/skesa-2.4.0/concurrenthash.hpp:1023:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(kmer.getPointer(), (uint8_t*)read_buf+k/4, kmer_bytes);

data/skesa-2.4.0/concurrenthash.hpp:1395:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(kmer.getPointer(), (uint8_t*)read_buf+k/4, kmer_bytes);

data/skesa-2.4.0/gfa_connector.cpp:141:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gfa_out.open(argm["gfa"].as<string>());

data/skesa-2.4.0/gfa_connector.cpp:150:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  csv_out.open(argm["csv"].as<string>());

data/skesa-2.4.0/glb_align.cpp:238:93:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int CCigar::Score(const char* query, const char* subject, int gopen, int gapextend, const char delta[256][256]) const {

data/skesa-2.4.0/glb_align.cpp:376:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar GlbAlign(const char* a, int na, const char* b, int nb, int rho, int sigma, const char delta[256][256]) {

data/skesa-2.4.0/glb_align.cpp:456:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar LclAlign(const char* a, int na, const char* b, int nb, int rho, int sigma, const char delta[256][256]) {

data/skesa-2.4.0/glb_align.cpp:541:121:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar LclAlign(const char* a, int na, const char* b, int nb, int rho, int sigma, bool pinleft, bool pinright, const char delta[256][256]) {

data/skesa-2.4.0/glb_align.cpp:655:97:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar VariBandAlign(const char* a, int na, const char* b, int nb, int rho, int sigma, const char delta[256][256], const TRange* blimits) {

data/skesa-2.4.0/glb_align.cpp:770:93:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar BandAlign(const char* a, int na, const char* b, int nb, int rho, int sigma, const char delta[256][256], int band) {

data/skesa-2.4.0/glb_align.hpp:61:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int Score(const char* query, const char* subject, int gopen, int gapextend, const char delta[256][256]) const;

data/skesa-2.4.0/glb_align.hpp:69:121:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar GlbAlign(const char* query, int querylen, const char* subject, int subjectlen, int gopen, int gapextend, const char delta[256][256]);

data/skesa-2.4.0/glb_align.hpp:72:121:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar LclAlign(const char* query, int querylen, const char* subject, int subjectlen, int gopen, int gapextend, const char delta[256][256]);

data/skesa-2.4.0/glb_align.hpp:75:150:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar LclAlign(const char* query, int querylen, const char* subject, int subjectlen, int gopen, int gapextend, bool pinleft, bool pinright, const char delta[256][256]);

data/skesa-2.4.0/glb_align.hpp:78:126:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar VariBandAlign(const char* query, int querylen, const char* subject, int subjectlen, int gopen, int gapextend, const char delta[256][256], const TRange* subject_limits);

data/skesa-2.4.0/glb_align.hpp:81:122:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  CCigar BandAlign(const char* query, int querylen, const char* subject, int subjectlen, int gopen, int gapextend, const char delta[256][256], int band);

data/skesa-2.4.0/glb_align.hpp:88:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char matrix[256][256];

data/skesa-2.4.0/skesa.cpp:47:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  contigs_out.open(argm["contigs_out"].as<string>());

data/skesa-2.4.0/skesa.cpp:55:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  all_out.open(argm["all"].as<string>());

data/skesa-2.4.0/skesa.cpp:63:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  hist_out.open(argm["hist"].as<string>());

data/skesa-2.4.0/skesa.cpp:71:29:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  connected_reads_out.open(argm["connected_reads"].as<string>());

data/skesa-2.4.0/skesa.cpp:79:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  dbg_out.open(argm["dbg_out"].as<string>(), ios::binary | ios::out);

data/skesa-2.4.0/skesa.cpp:535:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  seeds_in.open(argm["seeds"].as<string>());

data/skesa-2.4.0/DBGraph.hpp:77:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&bin_num), sizeof bin_num))

data/skesa-2.4.0/DBGraph.hpp:81:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&bin), sizeof bin))

data/skesa-2.4.0/DBGraph.hpp:86:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&m_is_stranded), sizeof m_is_stranded))

data/skesa-2.4.0/DBGraph.hpp:329:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&bin_num), sizeof bin_num))

data/skesa-2.4.0/DBGraph.hpp:333:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&bin), sizeof bin))

data/skesa-2.4.0/DBGraph.hpp:340:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&m_is_stranded), sizeof m_is_stranded))

data/skesa-2.4.0/common_util.hpp:113:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void PushBack(const Container& read) {

data/skesa-2.4.0/common_util.hpp:116:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for(auto it = read.rbegin(); it != read.rend(); ++it) { // put backward for kmer compatibility

data/skesa-2.4.0/common_util.hpp:116:48:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for(auto it = read.rbegin(); it != read.rend(); ++it) { // put backward for kmer compatibility

data/skesa-2.4.0/common_util.hpp:266:170:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  kmer_iterator(int kmer_len, const CReadHolder& rholder, size_t position = 0, size_t position_in_read = 0, size_t read = 0) : m_readholderp(&rholder), m_read(read), m_position(position), m_kmer_len(kmer_len), m_position_in_read(position_in_read) {

data/skesa-2.4.0/common_util.hpp:292:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string read;

data/skesa-2.4.0/common_util.hpp:293:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.reserve(read_length);

data/skesa-2.4.0/common_util.hpp:296:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.push_back(bin2NT[(m_readholderp->m_storage[position/64] >> position%64) & 3]);

data/skesa-2.4.0/common_util.hpp:299:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return read;

data/skesa-2.4.0/common_util.hpp:347:29:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  auto mism = mismatch(seq1p, last, seq2p);

data/skesa-2.4.0/common_util.hpp:395:151:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string_iterator(const CReadHolder& rholder, size_t position = 0, size_t read = 0) : m_readholderp(&rholder), m_position(position), m_read(read) {}

data/skesa-2.4.0/concurrenthash.hpp:243:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&vsize), sizeof vsize))

data/skesa-2.4.0/concurrenthash.hpp:248:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&elements), sizeof elements))

data/skesa-2.4.0/concurrenthash.hpp:252:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(p), sizeof *p))

data/skesa-2.4.0/concurrenthash.hpp:329:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&vsize), sizeof vsize))

data/skesa-2.4.0/concurrenthash.hpp:333:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&m_chunks), sizeof m_chunks))

data/skesa-2.4.0/concurrenthash.hpp:335:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&m_size), sizeof m_size))

data/skesa-2.4.0/concurrenthash.hpp:337:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&m_chunk_size), sizeof m_chunk_size))

data/skesa-2.4.0/concurrenthash.hpp:343:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&num), sizeof num))

data/skesa-2.4.0/concurrenthash.hpp:346:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(chunk.data()), num*vsize))

data/skesa-2.4.0/concurrenthash.hpp:709:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&m_table_size), sizeof m_table_size))

data/skesa-2.4.0/concurrenthash.hpp:711:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&m_kmer_len), sizeof m_kmer_len))

data/skesa-2.4.0/concurrenthash.hpp:749:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&list_num), sizeof list_num))

data/skesa-2.4.0/concurrenthash.hpp:753:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&i), sizeof i))

data/skesa-2.4.0/counter.hpp:102:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!in.read(reinterpret_cast<char*>(&m_kmer_len), sizeof(m_kmer_len)))

data/skesa-2.4.0/counter.hpp:256:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&num), sizeof num))

data/skesa-2.4.0/counter.hpp:260:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!is.read(reinterpret_cast<char*>(&v[0]), num*sizeof(v[0])))

data/skesa-2.4.0/gfa.hpp:1311:82:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(js->m_seq.size() == 1 || is->m_seq.size() == 1 || equal(is->m_seq.rbegin()+1, is->m_seq.rend(), js->m_seq.rbegin()+1, [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) {

data/skesa-2.4.0/gfa.hpp:1338:82:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(js->m_seq.size() == 1 || is->m_seq.size() == 1 || equal(is->m_seq.begin()+1, is->m_seq.end(), js->m_seq.begin()+1, [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) {

data/skesa-2.4.0/gfa.hpp:1581:36:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(equal(is->m_seq.rbegin(), is->m_seq.rend(), js->m_seq.rbegin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) {

data/skesa-2.4.0/gfa.hpp:1610:45:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  auto rslt = mismatch(is->m_seq.rbegin(), is->m_seq.rbegin()+len, js->m_seq.rbegin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; });

data/skesa-2.4.0/gfa.hpp:1666:36:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(equal(is->m_seq.begin(), is->m_seq.end(), js->m_seq.begin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; })) {

data/skesa-2.4.0/gfa.hpp:1695:45:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  auto rslt = mismatch(is->m_seq.begin(), is->m_seq.begin()+len, js->m_seq.begin(), [](const SegBase& a, const SegBase& b) { return a.m_nt == b.m_nt; });

data/skesa-2.4.0/gfa.hpp:3077:69:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t color = m_graph_digger.CheckAndClipReadLite(read);

data/skesa-2.4.0/gfa.hpp:3079:47:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  clipped_reads[1].PushBack(read);

data/skesa-2.4.0/glb_align.cpp:863:33:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  SMatrix::SMatrix(int match, int mismatch) { // matrix for DNA

data/skesa-2.4.0/glb_align.cpp:869:34:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  else matrix[i][j] = -mismatch;

data/skesa-2.4.0/glb_align.hpp:85:25:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  SMatrix(int match, int mismatch); // matrix for DNA

data/skesa-2.4.0/graphdigger.hpp:98:66:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  bool operator==(const SeqInterval& other) const { return equal(begin, end, other.begin); }

data/skesa-2.4.0/graphdigger.hpp:354:30:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  SMatrix delta(match, mismatch);

data/skesa-2.4.0/graphdigger.hpp:2316:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(last_chunkp->end()-kmer_len, last_chunkp->end()-shift, step_back.front().begin()+shift))

data/skesa-2.4.0/graphdigger.hpp:2654:33:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(jlchunk.begin(), jlchunk.begin()+hit.second, irchunk.end()-overlap_len))

data/skesa-2.4.0/graphdigger.hpp:2672:33:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(seq.begin(), seq.end(), jrchunk.end()-overlap_len+kmer_len))

data/skesa-2.4.0/graphdigger.hpp:2697:33:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(jrchunk.end()-overlap_len+kmer_len, jrchunk.end(), ilchunk.begin()+kmer_len))

data/skesa-2.4.0/graphdigger.hpp:2715:33:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(jlchunk.begin(), jlchunk.begin()+hit.second, seq.begin()))

data/skesa-2.4.0/graphdigger.hpp:2942:46:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t CheckAndClipReadLite(string& read) {

data/skesa-2.4.0/graphdigger.hpp:2944:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int rlen = read.size();

data/skesa-2.4.0/graphdigger.hpp:2946:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.clear();

data/skesa-2.4.0/graphdigger.hpp:2952:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rh.PushBack(read);

data/skesa-2.4.0/graphdigger.hpp:2956:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  vector<int> bases(read.size(), 0);

data/skesa-2.4.0/graphdigger.hpp:2983:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.clear();

data/skesa-2.4.0/graphdigger.hpp:2985:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read = read.substr(left, len);

data/skesa-2.4.0/graphdigger.hpp:3001:48:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pair<int,int> CheckAndClipRead(string& read, deque<Node>& nodes) {

data/skesa-2.4.0/graphdigger.hpp:3004:93:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string lextend = MostLikelyExtension(DBGraph::ReverseComplement(m_graph.GetNode(read.substr(0, kmer_len))), kmer_len);

data/skesa-2.4.0/graphdigger.hpp:3006:66:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string rextend = MostLikelyExtension(m_graph.GetNode(read.substr(read.size()-kmer_len)), kmer_len);

data/skesa-2.4.0/graphdigger.hpp:3006:78:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string rextend = MostLikelyExtension(m_graph.GetNode(read.substr(read.size()-kmer_len)), kmer_len);

data/skesa-2.4.0/graphdigger.hpp:3014:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  vector<int> bases(read.size(), 0);

data/skesa-2.4.0/graphdigger.hpp:3016:93:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for(int kk = 0; lextend.size()+read_pos+1 < extended_nodes.size() && read_pos < read.size(); ++kk, ++read_pos) {

data/skesa-2.4.0/graphdigger.hpp:3040:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for(unsigned k = 0; k < read.size(); ++k) {

data/skesa-2.4.0/graphdigger.hpp:3041:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for( ; k < read.size() && !bases[k]; ++k); // skip bad bases

data/skesa-2.4.0/graphdigger.hpp:3044:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for( ; k < read.size() && bases[k]; ++k, ++current_len); // count adjacent good bases

data/skesa-2.4.0/graphdigger.hpp:3052:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  left = read.size();

data/skesa-2.4.0/graphdigger.hpp:3054:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.clear();

data/skesa-2.4.0/graphdigger.hpp:3057:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read = read.substr(left, len);

data/skesa-2.4.0/graphdigger.hpp:3100:24:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  string read;

data/skesa-2.4.0/graphdigger.hpp:3104:67:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(hit < (int)min(nodes1.size(),nodes2.size()) && equal(nodes2.begin(), nodes2.begin()+hit, nodes1.end()-hit-1)) { // overlap

data/skesa-2.4.0/graphdigger.hpp:3133:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(read.empty())

data/skesa-2.4.0/graphdigger.hpp:3139:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!read.empty()) {

data/skesa-2.4.0/graphdigger.hpp:3143:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read = lextend+read;

data/skesa-2.4.0/graphdigger.hpp:3146:46:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  paired_reads[0].PushBack(read);

data/skesa-2.4.0/readsgetter.hpp:369:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  static void InsertRead(string& read, CReadHolder& rholder, const string& source_name) {

data/skesa-2.4.0/readsgetter.hpp:371:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for(char& c : read) c = toupper(c);

data/skesa-2.4.0/readsgetter.hpp:373:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(read.find_first_not_of("ACGTYRWSKMDVHBXN-") != string::npos)

data/skesa-2.4.0/readsgetter.hpp:380:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while(start < read.size()) {

data/skesa-2.4.0/readsgetter.hpp:381:35:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  size_t stop = min(read.size(),read.find_first_not_of("ACGT", start));

data/skesa-2.4.0/readsgetter.hpp:381:47:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  size_t stop = min(read.size(),read.find_first_not_of("ACGT", start));

data/skesa-2.4.0/readsgetter.hpp:387:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  start = read.find_first_of("ACGT", stop);

data/skesa-2.4.0/readsgetter.hpp:390:34:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  rholder.PushBack(read.substr(best_start, best_len));

data/skesa-2.4.0/readsgetter.hpp:464:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  InsertRead(read, rslt[1], acc);

data/skesa-2.4.0/readsgetter.hpp:498:54:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto NextRead = [] (string& acc, string& read, bool isfasta, boost::iostreams::filtering_istream& is, const string& source_name) {

data/skesa-2.4.0/readsgetter.hpp:500:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.clear();

data/skesa-2.4.0/readsgetter.hpp:515:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:515:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:515:52:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:515:69:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:525:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!getline(is, read))

data/skesa-2.4.0/readsgetter.hpp:545:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!gztest.read(reinterpret_cast<char*>(gzstart.data()), 2))

data/skesa-2.4.0/readsgetter.hpp:655:54:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  auto NextRead = [] (string& acc, string& read, bool isfasta, boost::iostreams::filtering_istream& is, const string& source_name) {

data/skesa-2.4.0/readsgetter.hpp:657:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.clear();

data/skesa-2.4.0/readsgetter.hpp:672:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:672:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:672:52:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:672:69:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read.erase(remove(read.begin(),read.end(),'\n'),read.end());

data/skesa-2.4.0/readsgetter.hpp:682:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!getline(is, read))

data/skesa-2.4.0/readsgetter.hpp:702:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(!gztest.read(reinterpret_cast<char*>(gzstart.data()), 2))

ANALYSIS SUMMARY:

Hits = 124
Lines analyzed = 16797 in approximately 0.48 seconds (35104 lines/second)
Physical Source Lines of Code (SLOC) = 13399
Hits@level = [0]   1 [1] 100 [2]  24 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+] 125 [1+] 124 [2+]  24 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 9.32905 [1+] 9.25442 [2+] 1.79118 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
