Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/smalt-0.7.6/src/elib.c
Examining data/smalt-0.7.6/src/elib.h
Examining data/smalt-0.7.6/src/filio.c
Examining data/smalt-0.7.6/src/filio.h
Examining data/smalt-0.7.6/src/sequence.c
Examining data/smalt-0.7.6/src/sequence.h
Examining data/smalt-0.7.6/src/score.c
Examining data/smalt-0.7.6/src/score.h
Examining data/smalt-0.7.6/src/diffstr.c
Examining data/smalt-0.7.6/src/diffstr.h
Examining data/smalt-0.7.6/src/alibuffer.c
Examining data/smalt-0.7.6/src/alibuffer.h
Examining data/smalt-0.7.6/src/alibuffer_struct.h
Examining data/smalt-0.7.6/src/alignment.c
Examining data/smalt-0.7.6/src/alignment.h
Examining data/smalt-0.7.6/src/swsimd.c
Examining data/smalt-0.7.6/src/swsimd.h
Examining data/smalt-0.7.6/src/sort.c
Examining data/smalt-0.7.6/src/sort.h
Examining data/smalt-0.7.6/src/array.c
Examining data/smalt-0.7.6/src/array.h
Examining data/smalt-0.7.6/src/vdef.h
Examining data/smalt-0.7.6/src/interval.c
Examining data/smalt-0.7.6/src/interval.h
Examining data/smalt-0.7.6/src/hashidx.c
Examining data/smalt-0.7.6/src/hashidx.h
Examining data/smalt-0.7.6/src/hashhit.c
Examining data/smalt-0.7.6/src/hashhit.h
Examining data/smalt-0.7.6/src/segment.c
Examining data/smalt-0.7.6/src/segment.h
Examining data/smalt-0.7.6/src/smalt.c
Examining data/smalt-0.7.6/src/menu.h
Examining data/smalt-0.7.6/src/menu.c
Examining data/smalt-0.7.6/src/threads.h
Examining data/smalt-0.7.6/src/threads.c
Examining data/smalt-0.7.6/src/infmt.c
Examining data/smalt-0.7.6/src/infmt.h
Examining data/smalt-0.7.6/src/results.c
Examining data/smalt-0.7.6/src/results.h
Examining data/smalt-0.7.6/src/randef.h
Examining data/smalt-0.7.6/src/resultpairs.c
Examining data/smalt-0.7.6/src/resultpairs.h
Examining data/smalt-0.7.6/src/report.c
Examining data/smalt-0.7.6/src/report.h
Examining data/smalt-0.7.6/src/rmap.c
Examining data/smalt-0.7.6/src/rmap.h
Examining data/smalt-0.7.6/src/insert.c
Examining data/smalt-0.7.6/src/insert.h
Examining data/smalt-0.7.6/test/diffstr_test.c
Examining data/smalt-0.7.6/test/sequenceReverseComplement_test.c
Examining data/smalt-0.7.6/misc/basqcol.c
Examining data/smalt-0.7.6/misc/basqual.c
Examining data/smalt-0.7.6/misc/basqual.h
Examining data/smalt-0.7.6/misc/fetchseq.c
Examining data/smalt-0.7.6/misc/mixreads.c
Examining data/smalt-0.7.6/misc/readstats.c
Examining data/smalt-0.7.6/misc/simqual.c
Examining data/smalt-0.7.6/misc/simread.c
Examining data/smalt-0.7.6/misc/rsample.c
Examining data/smalt-0.7.6/misc/rsample.h
Examining data/smalt-0.7.6/misc/splitmates.c
Examining data/smalt-0.7.6/misc/splitreads.c
Examining data/smalt-0.7.6/misc/trunkreads.c

FINAL RESULTS:

data/smalt-0.7.6/misc/simread.c:430:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:442:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:460:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:474:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:484:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:495:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:509:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(alistr+a,
data/smalt-0.7.6/misc/simread.c:531:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(read_name, "%s_%9.9i_%s_%9.9u_%c_%s", readnamprefix, readnum,
data/smalt-0.7.6/misc/simread.c:534:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(read_name, "%s_%9.9i_%s_%9.9u_%lli_%c_%s", readnamprefix, readnum,
data/smalt-0.7.6/misc/splitreads.c:84:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(oufilnam, "%s_%3.3i", oufilnamroot, filctr);
data/smalt-0.7.6/misc/splitreads.c:86:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(oufilnam, oufilnamroot);
data/smalt-0.7.6/src/diffstr.c:162:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf((FILE *)top, CIGAR_EXTF, ctr, typc):
data/smalt-0.7.6/src/diffstr.c:163:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf((FILE *)top, CIGAR_FORM, typc, ctr):
data/smalt-0.7.6/src/diffstr.c:170:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf((char *)top, CIGAR_EXTF, ctr, typc):
data/smalt-0.7.6/src/diffstr.c:171:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf((char *)top, CIGAR_FORM, typc, ctr):
data/smalt-0.7.6/src/elib.c:343:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, ERRMSG_FORMAT,
data/smalt-0.7.6/src/elib.c:401:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf((fp), ERRMSG_FORMAT,
data/smalt-0.7.6/src/elib.c:524:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (cp) strcpy(cp, str);
data/smalt-0.7.6/src/elib.c:534:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cp, str1);
data/smalt-0.7.6/src/elib.c:535:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cp, str2);
data/smalt-0.7.6/src/elib.c:639:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(esp->strp + esp->len, strp);
data/smalt-0.7.6/src/filio.c:126:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fnam, filnam);
data/smalt-0.7.6/src/filio.c:130:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fnam, filext);
data/smalt-0.7.6/src/filio.c:179:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fnam, filnam);
data/smalt-0.7.6/src/filio.c:183:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(fnam, filext);
data/smalt-0.7.6/src/insert.c:621:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, IOFIL_KEY_FORMAT, pHist->iSpan, pHist->iScalFac,
data/smalt-0.7.6/src/insert.c:625:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, IOFIL_FORMAT, pHist->iInSizLo + i*pHist->iScalFac, cp[i]);
data/smalt-0.7.6/src/insert.c:658:7:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  fscanf(fp, IOFIL_KEY_FORMAT, &binnum, &scalfac,
data/smalt-0.7.6/src/insert.c:684:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (sscanf(linbufp, IOFIL_FORMAT, &isiz, &count) != 2)
data/smalt-0.7.6/src/menu.c:1732:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stdout, MENU_PROGNAM_VERSION_FMT, MENU_RELEASE_VERSION);
data/smalt-0.7.6/src/menu.c:1734:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stdout, MENU_USAGE_SUMMARY);
data/smalt-0.7.6/src/menu.c:1759:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stdout, MENU_USAGE_MAP_HEADER);
data/smalt-0.7.6/src/menu.c:1794:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stdout, MENU_USAGE_SUMMARY);
data/smalt-0.7.6/src/menu.c:1804:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stdout, MENU_USAGE_SUMMARY);
data/smalt-0.7.6/src/report.c:370:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_ALIGN,
data/smalt-0.7.6/src/report.c:495:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  if ((nc = sprintf(rsp->strp, SAMFORM_PROGLINE, prognam, prognam, progversion)) < 1)
data/smalt-0.7.6/src/report.c:499:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if ((nc = sprintf(rsp->strp + rsp->strl, "%s", argv[0])) < 1)
data/smalt-0.7.6/src/report.c:504:15:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if ((nc = sprintf(rsp->strp + rsp->strl, " %s", argv[i])) < 1)
data/smalt-0.7.6/src/report.c:632:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_SSAHA, flagchr,
data/smalt-0.7.6/src/report.c:687:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_GFF2,
data/smalt-0.7.6/src/report.c:702:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_GFF2_ALIBLOCK, q0 + 1, r0 + 1, len);
data/smalt-0.7.6/src/report.c:705:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_GFF2_ALIBLOCK, 0, 0, 0);
data/smalt-0.7.6/src/report.c:749:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_CIGAR, flagchr,
data/smalt-0.7.6/src/report.c:888:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_SAM_BEFORE,
data/smalt-0.7.6/src/report.c:900:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_SAM_NULLSTR);
data/smalt-0.7.6/src/report.c:902:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, OUFMT_SAM_AFTER,
data/smalt-0.7.6/src/report.c:1274:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (fprintf(oufp, SAMFORM_HEADLINE) < 1)
data/smalt-0.7.6/src/report.c:1283:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (fprintf(oufp, SAMFORM_REFSEQLINE, nambf, (unsigned int) sl) < 1)
data/smalt-0.7.6/src/report.c:1287:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  if (fprintf(oufp, SAMFORM_PROGLINE, prognam, prognam, progversion) < 0)
data/smalt-0.7.6/src/sequence.c:297:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(codp->alphabet, CODEC_ALPHABET);
data/smalt-0.7.6/src/sequence.c:369:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(codp->alphabet, alphabet);
data/smalt-0.7.6/src/smalt.c:1054:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filnamstr, smalt_helper_oufilnam_fmt, threadno);
data/smalt-0.7.6/src/threads.c:691:13:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  nchar = vfprintf(stderr, format, ap);
data/smalt-0.7.6/src/randef.h:14:35:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define RANSEED(s) if ((s) <= 0) {srand(time(0));} else {srand((s));}
data/smalt-0.7.6/src/randef.h:14:58:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define RANSEED(s) if ((s) <= 0) {srand(time(0));} else {srand((s));}
data/smalt-0.7.6/src/randef.h:20:29:  [3] (random) drand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define RANDRAW_UNIFORM_1() drand48()
data/smalt-0.7.6/misc/basqcol.c:64:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  iv = atoi(argv[2]); /* Don't count when base quality below this value */
data/smalt-0.7.6/misc/mixreads.c:35:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char FILEXT_MATE[2][6] = {"_1.fq", "_2.fq"};
data/smalt-0.7.6/misc/mixreads.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *infilnam_A_mate[2], *infilnam_B_mate[2], *oufilnam_mate[2];
data/smalt-0.7.6/misc/simqual.c:120:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nambuf[NAMBUF_MAXLEN];
data/smalt-0.7.6/misc/simqual.c:145:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rand_seed = atoi(argv[2]);
data/smalt-0.7.6/misc/simread.c:294:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linbuf[LINBUFSIZ];
data/smalt-0.7.6/misc/simread.c:303:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  il = atoi(linbuf);
data/smalt-0.7.6/misc/simread.c:330:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char read_name[LINBUFSIZ];
data/smalt-0.7.6/misc/simread.c:331:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char alistr[LINBUFSIZ];
data/smalt-0.7.6/misc/simread.c:341:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char refnamp[MAXNAMLEN];
data/smalt-0.7.6/misc/simread.c:538:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(read_name + strlen(read_name), "/%1i", mateno);
data/smalt-0.7.6/misc/simread.c:739:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  readlen = atoi(argv[2]);
data/smalt-0.7.6/misc/simread.c:740:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  readnum = atoi(argv[3]);
data/smalt-0.7.6/misc/simread.c:745:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  insertsiz = atoi(argv[6]);
data/smalt-0.7.6/misc/simread.c:750:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  randseed = atoi(argv[8]);
data/smalt-0.7.6/misc/splitreads.c:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char oufilnam[FILENAME_MAX];
data/smalt-0.7.6/misc/splitreads.c:64:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  readno_start = atoi(argv[2]);
data/smalt-0.7.6/misc/splitreads.c:69:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  readnum = atoi(argv[3]);
data/smalt-0.7.6/misc/trunkreads.c:53:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newreadlen = atoi(argv[2]);
data/smalt-0.7.6/src/alignment.c:138:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *string[NUMSTR]; /**< Pairwise alignment (in reverse) and consensus.
data/smalt-0.7.6/src/diffstr.c:172:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *)top, "%c", typc);
data/smalt-0.7.6/src/diffstr.c:269:16:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  nchar += sprintf(sp + nchar, "%c:%2.2hi|", DIFFSTR_SYMBOLS[(*ucp) >> DIFFSTR_TYPSHIFT],
data/smalt-0.7.6/src/diffstr.c:272:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  nchar += sprintf(sp + nchar, "M:00)");
data/smalt-0.7.6/src/diffstr.c:292:16:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  nchar += sprintf(sp + nchar, "%c%i", DIFFSTR_SYMBOLS[(*ucp) >> DIFFSTR_TYPSHIFT],
data/smalt-0.7.6/src/diffstr.c:1132:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numbuf[NUMBUF_MAXLEN];
data/smalt-0.7.6/src/diffstr.c:1145:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  count = atoi(numbuf);
data/smalt-0.7.6/src/diffstr.c:1176:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numbuf[NUMBUF_MAXLEN];
data/smalt-0.7.6/src/diffstr.c:1195:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  count = atoi(numbuf);
data/smalt-0.7.6/src/elib.c:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mspace[ERRMSG_MAXSPACE]; /**< Memory for text */
data/smalt-0.7.6/src/elib.c:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char currReadNam[ERRMSG_MAXNAMLEN]; /**< Current read name */
data/smalt-0.7.6/src/elib.c:495:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filnam, mode);
data/smalt-0.7.6/src/filio.c:117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fnam[FILENAME_MAX];
data/smalt-0.7.6/src/filio.c:136:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fp = fopen(fnam, "wb"))) {
data/smalt-0.7.6/src/filio.c:162:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fnam[FILENAME_MAX];
data/smalt-0.7.6/src/filio.c:189:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fp = fopen(fnam, "rb"))) {
data/smalt-0.7.6/src/hashhit.c:395:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keybuf[NBITS_HASHWORD + 1];
data/smalt-0.7.6/src/hashidx.c:702:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codtyp, word[MAXTUPLEN+1];
data/smalt-0.7.6/src/hashidx.c:1036:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAXTUPLEN+1];
data/smalt-0.7.6/src/insert.c:634:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char linbufp[IOFIL_LINBUFSIZ];
data/smalt-0.7.6/src/menu.c:909:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ival = atoi(value);
data/smalt-0.7.6/src/menu.c:1063:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(int *) optarg = atoi(argp[1]);
data/smalt-0.7.6/src/menu.c:1077:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(int *) optarg = atoi(argp[1]);
data/smalt-0.7.6/src/menu.c:1078:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *(((int *) optarg)+1) = atoi(cp);
data/smalt-0.7.6/src/report.c:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namext[NAMEXT_MAXLEN];
data/smalt-0.7.6/src/report.c:164:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namext_mate[NAMEXT_MAXLEN];
data/smalt-0.7.6/src/report.c:257:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cod, qbuf[MAXLINWIDTH_ALI], dbuf[MAXLINWIDTH_ALI], sbuf[MAXLINWIDTH_ALI];
data/smalt-0.7.6/src/report.c:1272:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nambf[SEQNAM_SAM_MAXLEN];
data/smalt-0.7.6/src/sequence.c:96:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char READNAM_MATEXT_SEPARATOR[READNAM_NUMTYP] = {'\0', '/', '.'}; /* index corresponds to READNAM_TYPES */
data/smalt-0.7.6/src/sequence.c:97:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char READNAM_MATEXT_ILLUMINA[2][2] = {"1", "2"};
data/smalt-0.7.6/src/sequence.c:98:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static const char READNAM_MATEXT_FR[2][2] = {"F", "R"}; data/smalt-0.7.6/src/sequence.c:123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alphabet[SIZE_ALPHABET]; /**< Standard nucleotide codes */ data/smalt-0.7.6/src/sequence.c:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decodtab[SIZE_DECODTAB]; /**< Decoding table */ data/smalt-0.7.6/src/sequence.c:126:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char codtab_complement[SIZE_STANDARD_ALPHABET]; /* (encoded) complement table */ data/smalt-0.7.6/src/sequence.c:142:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmode[MODELEN+1];/**< fopen() I/O mode */ data/smalt-0.7.6/src/sequence.c:198:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
int *prompt, char bufp[LINBUFSIZ]) data/smalt-0.7.6/src/sequence.c:226:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *extstr[2]; data/smalt-0.7.6/src/sequence.c:1062:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int *prompt, char bufp[LINBUFSIZ]) data/smalt-0.7.6/src/sequence.c:1236:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int *prompt, char bufp[LINBUFSIZ], SEQLEN_t minlen) data/smalt-0.7.6/src/sequence.c:1689:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[OUTBUFSIZE+1]; data/smalt-0.7.6/src/smalt.c:1044:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filnamstr[FILENAME_MAX]; data/smalt-0.7.6/src/threads.c:653:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chrbf[DBG_CHARBUFSIZ]; data/smalt-0.7.6/test/diffstr_test.c:44:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cigarout[CIGAR_MAXLEN]; data/smalt-0.7.6/misc/simqual.c:229:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(nambuf, seqFastqGetSeqName(sqbufp), NAMBUF_MAXLEN); data/smalt-0.7.6/misc/simqual.c:231:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buflen = (int) strlen(nambuf); data/smalt-0.7.6/misc/simread.c:394:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(alistr, "["); data/smalt-0.7.6/misc/simread.c:399:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a = strlen(alistr); data/smalt-0.7.6/misc/simread.c:437:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a = strlen(alistr); data/smalt-0.7.6/misc/simread.c:473:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
a = strlen(alistr); data/smalt-0.7.6/misc/simread.c:494:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a = strlen(alistr); data/smalt-0.7.6/misc/simread.c:504:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). a = strlen(alistr); data/smalt-0.7.6/misc/simread.c:538:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(read_name + strlen(read_name), "/%1i", mateno); data/smalt-0.7.6/misc/splitmates.c:88:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namlen = strlen(namstrp); data/smalt-0.7.6/misc/splitreads.c:73:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(oufilnamroot) + NCHAR_FILEXT > FILENAME_MAX) data/smalt-0.7.6/src/diffstr.c:112:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strlen; data/smalt-0.7.6/src/diffstr.c:266:12: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. nchar += sprintf(sp, "("); data/smalt-0.7.6/src/diffstr.c:1459:79: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. int diffStrScore(const DIFFSTR_T *diffstrp, int *swscor, SWSCOR match, SWSCOR mismatch, data/smalt-0.7.6/src/diffstr.c:1467:20: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (match < 1 || mismatch > 0 || gapopen > gapextend || gapopen > 0) data/smalt-0.7.6/src/diffstr.c:1476:32: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. *swscor += match*count + mismatch; data/smalt-0.7.6/src/diffstr.c:1491:16: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. *swscor -= mismatch; data/smalt-0.7.6/src/diffstr.h:392:25: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. short match, short mismatch, data/smalt-0.7.6/src/elib.c:325:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(emp->currReadNam, namp, ERRMSG_MAXNAMLEN); data/smalt-0.7.6/src/elib.c:523:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *cp = malloc(strlen(str)+1); data/smalt-0.7.6/src/elib.c:532:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *cp = malloc(strlen(str1) + strlen(str2) + 1); data/smalt-0.7.6/src/elib.c:532:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *cp = malloc(strlen(str1) + strlen(str2) + 1); data/smalt-0.7.6/src/elib.c:634:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t slen = strlen(strp); data/smalt-0.7.6/src/elib.c:640:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). esp->len = strlen(esp->strp); data/smalt-0.7.6/src/filio.c:118:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t namlen = strlen(filnam); data/smalt-0.7.6/src/filio.c:119:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t extlen = ((filext))? strlen(filext): 0; data/smalt-0.7.6/src/filio.c:164:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t extlen = ((filext))? 
strlen(filext): 0; data/smalt-0.7.6/src/filio.c:174:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namlen = strlen(filnam); data/smalt-0.7.6/src/insert.c:650:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(IOFIL_KEY_START); data/smalt-0.7.6/src/insert.c:678:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(IOFIL_KEY_END); data/smalt-0.7.6/src/report.c:481:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t maxlen = strlen(SAMFORM_PROGLINE)+1; data/smalt-0.7.6/src/report.c:489:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). maxlen += strlen(argv[i]) + 1; data/smalt-0.7.6/src/report.c:508:13: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. if ((nc = sprintf(rsp->strp + rsp->strl, "\n")) < 1) data/smalt-0.7.6/src/results.c:147:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int strlen; /**< length of the alignment string (excl. termination) */ data/smalt-0.7.6/src/results.c:1640:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
diffstrp->dstrp + hp->stroffs, hp->strlen, data/smalt-0.7.6/src/results.c:2242:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dstrp, rp->strlen, data/smalt-0.7.6/src/score.c:115:11: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. short *mismatch, short *gapinit, short *gapext) data/smalt-0.7.6/src/score.c:117:7: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (mismatch) *mismatch = (short) p->penalty[SCORPNLTYP_MISMATCH]; data/smalt-0.7.6/src/score.c:325:3: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. mismatch /= n_offdiag; data/smalt-0.7.6/src/score.c:326:7: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
if (mismatch > SCORPNLTY_MAXVAL) { data/smalt-0.7.6/src/score.c:328:14: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. } else if (mismatch < -1*SCORPNLTY_MAXVAL) { data/smalt-0.7.6/src/score.c:334:10: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. return mismatch; data/smalt-0.7.6/src/score.c:337:31: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. short scoreGetDefaults(short *mismatch, short *gapinit, short *gapext) data/smalt-0.7.6/src/score.c:339:7: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (mismatch) *mismatch = DEFAULT_MISMATCH; data/smalt-0.7.6/src/score.h:154:13: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. short *mismatch, short *gapinit, short *gapext); data/smalt-0.7.6/src/score.h:193:33: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. short scoreGetDefaults(short *mismatch, short *gapinit, short *gapext); data/smalt-0.7.6/src/sequence.c:293:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). codp->alphlen = (UCHAR_t) strlen(CODEC_ALPHABET); data/smalt-0.7.6/src/sequence.c:357:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t alphsiz = strlen(alphabet); data/smalt-0.7.6/src/sequence.c:406:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *length = (short) strlen(codp->alphabet); data/smalt-0.7.6/src/sequence.c:489:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(p->fmode, "r"); data/smalt-0.7.6/src/sequence.c:499:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(p->fmode, "w"); data/smalt-0.7.6/src/sequence.c:1194:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (c=fgetc(fp); data/smalt-0.7.6/src/sequence.c:1196:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(fp)) { data/smalt-0.7.6/src/sequence.c:1717:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, sp->basep+pos, linewidth); data/smalt-0.7.6/src/sequence.c:2384:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cp, sqp->headp->basep, sqp->headp->size); data/smalt-0.7.6/src/threads.c:671:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(chrbf, getBufTyp(p), DBG_CHARBUFSIZ); ANALYSIS SUMMARY: Hits = 174 Lines analyzed = 36920 in approximately 1.12 seconds (33110 lines/second) Physical Source Lines of Code (SLOC) = 26340 Hits@level = [0] 532 [1] 56 [2] 62 [3] 3 [4] 53 [5] 0 Hits@level+ = [0+] 706 [1+] 174 [2+] 118 [3+] 56 [4+] 53 [5+] 0 Hits/KSLOC@level+ = [0+] 26.8033 [1+] 6.60592 [2+] 4.47988 [3+] 2.12604 [4+] 2.01215 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
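Two of the rule classes above are worth acting on when triaging this report: the level-2 atoi hits in menu.c (an unchecked integer conversion of option text, CWE-190) and the level-1 strncpy hits (a copy that leaves the destination unterminated when the source is at least as long as the size argument, CWE-120, which then turns the neighbouring strlen hits into real over-reads, CWE-126). The many "mismatch" hits are the rule for std::mismatch firing on a C variable and parameter named mismatch (see `short *mismatch` and `*swscor -= mismatch;`), and the diffstr.c:112 and results.c:147 hits are struct members named strlen; those match by name only and need no code change. The block below is an added example written for this report, not code from smalt or from Flawfinder: the function names parse_int_checked, copy_str_bounded and strncpy_left_unterminated are hypothetical, and the test inputs are constructed. It shows the replacement Flawfinder's messages ask for: a strtol-based parse that rejects trailing junk and checks both the minimum and the maximum (so a large positive string cannot wrap into a negative int), and a bounded copy that always NUL-terminates and reports truncation, next to a probe that shows strncpy leaving no terminator at all.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example (hypothetical helper, not smalt code): bounded replacement
 * for the flagged pattern `*(int *) optarg = atoi(argp[1]);`.
 * Returns true and stores the value only if the whole string is a decimal
 * integer inside [lo, hi]. atoi() returns 0 on garbage and has undefined
 * behaviour when the value does not fit an int (CWE-190). */
bool parse_int_checked(const char *s, int lo, int hi, int *out)
{
    char *end = NULL;
    long v;

    if (s == NULL || *s == '\0')
        return false;
    errno = 0;
    v = strtol(s, &end, 10);
    if (errno == ERANGE)          /* did not even fit in a long */
        return false;
    if (*end != '\0')             /* trailing junk, e.g. "12abc" */
        return false;
    if (v < lo || v > hi)         /* explicit minimum AND maximum */
        return false;
    *out = (int) v;
    return true;
}

/* Added example (hypothetical helper): copy that always NUL-terminates,
 * in place of strncpy(dst, src, sizeof dst), which leaves dst unterminated
 * when strlen(src) >= sizeof dst (CWE-120), so a later strlen(dst)
 * over-reads (CWE-126). src must be a NUL-terminated string. Returns
 * strlen(src), snprintf-style, so the caller detects truncation with
 * `ret >= dstsz`. */
size_t copy_str_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t n = strlen(src);

    if (dstsz == 0)
        return n;
    if (n >= dstsz) {             /* truncate, but keep the terminator */
        memcpy(dst, src, dstsz - 1);
        dst[dstsz - 1] = '\0';
    } else {
        memcpy(dst, src, n + 1);  /* includes the NUL */
    }
    return n;
}

/* Probe showing the strncpy hazard: fill a buffer with non-NUL bytes,
 * strncpy into it, and report whether any NUL is present within dstsz.
 * Returns true when strncpy left the buffer unterminated. */
bool strncpy_left_unterminated(const char *src, size_t dstsz)
{
    char buf[16];

    if (dstsz > sizeof buf)
        dstsz = sizeof buf;
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, dstsz);
    return memchr(buf, '\0', dstsz) == NULL;
}

int main(void)
{
    int v;
    char name[8];                 /* deliberately small, like a fixed NAMBUF */
    const char *inputs[] = { "42", "4294967296", "-1", "12abc" };  /* constructed */

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        if (parse_int_checked(inputs[i], 0, 1000, &v))
            printf("%-12s -> %d\n", inputs[i], v);
        else
            printf("%-12s -> rejected (atoi would give %d)\n", inputs[i], atoi(inputs[i]));
    }

    size_t len = copy_str_bounded(name, sizeof name, "read_000123/1");
    printf("bounded copy: \"%s\" (truncated: %s)\n", name, len >= sizeof name ? "yes" : "no");
    printf("strncpy unterminated for 16-byte source: %s\n",
           strncpy_left_unterminated("0123456789ABCDEF", 16) ? "yes" : "no");
    return 0;
}
```

The truncation check matters for the simqual.c and threads.c pattern, where the size argument equals the full buffer size: with strncpy the only way to be safe is to write `buf[size - 1] = '\0'` after every call, and that is exactly the step that gets forgotten.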