Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ssm-1.4.0/sup_pairwise.cpp
Examining data/ssm-1.4.0/sup_defs.h
Examining data/ssm-1.4.0/superpose.cpp
Examining data/ssm-1.4.0/sup_multiple.cpp
Examining data/ssm-1.4.0/ssm/ssm_defs.h
Examining data/ssm-1.4.0/ssm/ssm_vxedge.h
Examining data/ssm-1.4.0/ssm/ssm_graph.cpp
Examining data/ssm-1.4.0/ssm/ssm_align.cpp
Examining data/ssm-1.4.0/ssm/ssm_graph.h
Examining data/ssm-1.4.0/ssm/ssm_superpose.cpp
Examining data/ssm-1.4.0/ssm/ssm_align.h
Examining data/ssm-1.4.0/ssm/ssm_csia.h
Examining data/ssm-1.4.0/ssm/ssm_malign.cpp
Examining data/ssm-1.4.0/ssm/ssm_csia.cpp
Examining data/ssm-1.4.0/ssm/ssm_vxedge.cpp
Examining data/ssm-1.4.0/ssm/ssm_malign.h
Examining data/ssm-1.4.0/ssm/ssm_superpose.h
Examining data/ssm-1.4.0/sup_multiple.h
Examining data/ssm-1.4.0/sup_pairwise.h

FINAL RESULTS:

data/ssm-1.4.0/ssm/ssm_align.cpp:722:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S," |%1s%1s %2s%3s%4i%1s|",
data/ssm-1.4.0/ssm/ssm_align.cpp:753:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S," %1s%5.2f%1s%1s",SI,dist,SI,SI );
data/ssm-1.4.0/ssm/ssm_align.cpp:815:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].chID1 ,A1->GetChainID() );
data/ssm-1.4.0/ssm/ssm_align.cpp:816:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].resName1,A1->GetResName() );
data/ssm-1.4.0/ssm/ssm_align.cpp:817:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].insCode1,A1->GetInsCode() );
data/ssm-1.4.0/ssm/ssm_align.cpp:825:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].chID2 ,A2->GetChainID() );
data/ssm-1.4.0/ssm/ssm_align.cpp:826:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].resName2,A2->GetResName() );
data/ssm-1.4.0/ssm/ssm_align.cpp:827:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( R[rowNo].insCode2,A2->GetInsCode() );
data/ssm-1.4.0/ssm/ssm_graph.cpp:203:30: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (chain[i][0]!=' ') strcat ( S,chain[i] );
data/ssm-1.4.0/ssm/ssm_graph.cpp:222:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID ,A[i]->GetChainID() );
data/ssm-1.4.0/ssm/ssm_graph.cpp:223:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( rName,A[i]->GetResName() );
data/ssm-1.4.0/ssm/ssm_graph.cpp:224:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( iCode,A[i]->GetInsCode() );
data/ssm-1.4.0/ssm/ssm_graph.cpp:225:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( aLoc ,A[i]->altLoc );
data/ssm-1.4.0/ssm/ssm_graph.cpp:239:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( aLoc,A[i]->altLoc );
data/ssm-1.4.0/ssm/ssm_graph.cpp:247:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( aLoc,A[i]->altLoc );
data/ssm-1.4.0/ssm/ssm_graph.cpp:255:15: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( aLoc,A[i]->altLoc );
data/ssm-1.4.0/ssm/ssm_graph.cpp:289:29: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy ( S,V[0]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:293:31: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy ( N,V[i]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:295:26: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (!strstr(S,N)) strcat ( S,N );
data/ssm-1.4.0/ssm/ssm_graph.cpp:472:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,V[i]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:878:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,V[vn]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:881:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initICode,V[vn]->initICode );
data/ssm-1.4.0/ssm/ssm_graph.cpp:882:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endICode ,V[vn]->endICode );
data/ssm-1.4.0/ssm/ssm_graph.cpp:899:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,V[vn]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:991:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chain[nchains],V[i]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:1026:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( S[nGraphs],V[i]->chainID );
data/ssm-1.4.0/ssm/ssm_graph.cpp:1037:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( G[i]->devChain,S[i] );
data/ssm-1.4.0/ssm/ssm_graph.cpp:1071:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( devChain,G->devChain );
data/ssm-1.4.0/ssm/ssm_malign.cpp:350:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name1,M.name1 );
data/ssm-1.4.0/ssm/ssm_malign.cpp:351:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name2,M.name2 );
data/ssm-1.4.0/ssm/ssm_malign.cpp:352:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID ,M.chID );
data/ssm-1.4.0/ssm/ssm_malign.cpp:357:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode1,M.insCode1 );
data/ssm-1.4.0/ssm/ssm_malign.cpp:358:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode2,M.insCode2 );
data/ssm-1.4.0/ssm/ssm_malign.cpp:406:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name,res->GetResName() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:407:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,res->GetChainID() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:410:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode,res->GetInsCode() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:417:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name,M.name );
data/ssm-1.4.0/ssm/ssm_malign.cpp:418:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,M.chID );
data/ssm-1.4.0/ssm/ssm_malign.cpp:421:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode,M.insCode );
data/ssm-1.4.0/ssm/ssm_malign.cpp:909:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat ( SS,S[i]->G->GetGraphName() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:930:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( N," %5.3g|%s%s:%2i",S[j]->P[i],
data/ssm-1.4.0/ssm/ssm_malign.cpp:932:9: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat ( SS,N );
data/ssm-1.4.0/ssm/ssm_malign.cpp:979:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( N," %4s ",S[i]->G->GetGraphName() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:997:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,MSSEOutput[i][j].chID );
data/ssm-1.4.0/ssm/ssm_malign.cpp:1003:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( N,"%1s[%1s:%i-%i]",L,chID,
data/ssm-1.4.0/ssm/ssm_malign.cpp:1028:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( N," %s ",S[i]->G->GetGraphName() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:1046:11: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( N,"|%2i:%1s%4i%1s-%4i%1s|",vno,chID,
data/ssm-1.4.0/ssm/ssm_malign.cpp:2432:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( L," %4s ",S[i]->G->GetGraphName() );
data/ssm-1.4.0/ssm/ssm_malign.cpp:2456:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( L,"%2s%1s:%3s%4i%1s",SS,MAOut[i][j].chID,
data/ssm-1.4.0/ssm/ssm_superpose.cpp:819:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( a[i].chID,Calpha[i]->GetChainID() );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:335:27: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (!initResName[0]) strcpy ( initResName,CA[0]->GetResName() );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:336:27: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (!endResName[0]) strcpy ( endResName ,CA[nres-1]->GetResName() );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:365:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S,"%i[%s]",Helix->serNum,Helix->helixID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:369:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( vertexID ,Helix->helixID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:370:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chainID ,Helix->initChainID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:371:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initResName,Helix->initResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:372:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initICode ,Helix->initICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:373:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endResName ,Helix->endResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:374:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endICode ,Helix->endICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:394:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S,"%s[%i]",Strand->sheetID,Strand->strandNo );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:398:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( vertexID ,Strand->sheetID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:399:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chainID ,Strand->initChainID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:400:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initResName,Strand->initResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:401:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initICode ,Strand->initICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:402:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endResName ,Strand->endResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:403:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endICode ,Strand->endICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:435:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (chID) strcpy ( chainID,chID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:437:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (iCode1) strcpy ( initICode,iCode1 );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:439:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (iCode2) strcpy ( endICode,iCode2 );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:625:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  case V_HELIX : sprintf ( S,"%3i HELIX %8s %2i %3i",
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:628:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  case V_STRAND : sprintf ( S,"%3i STRAND %8s %3i",
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:646:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S,"%3i|H%2s%3i|%1s|%3s%4i%1s|%3s%4i%1s|",
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:651:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( S,"%3i|SD%4i|%1s|%3s%4i%1s|%3s%4i%1s|",
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:667:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chID,chainID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:668:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name1,initResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:670:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode1,initICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:671:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( name2,endResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:673:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( insCode2,endICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:718:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( vertexID ,v->vertexID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:719:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( chainID ,v->chainID );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:720:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initResName,v->initResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:721:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( initICode ,v->initICode );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:722:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endResName ,v->endResName );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:723:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( endICode ,v->endICode );
data/ssm-1.4.0/sup_multiple.cpp:77:7: [4] (format) sprintf:
  Potential format string problem (CWE-134).
  Make format string constant.
  sprintf ( S,fmt,m[i][j] );
data/ssm-1.4.0/sup_multiple.cpp:105:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf ( S,fmt,m[i][j] );
data/ssm-1.4.0/superpose.cpp:110:3: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (
data/ssm-1.4.0/ssm/ssm_align.cpp:700:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sse[2],hp[2],ch[3],S[200];
data/ssm-1.4.0/ssm/ssm_align.cpp:731:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char S[100],SI[10];
data/ssm-1.4.0/ssm/ssm_align.cpp:744:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 5 : strcpy ( SI,"*****" ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:745:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 4 : strcpy ( SI,"+++++" ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:746:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  case 3 : strcpy ( SI,"=====" ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:747:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 2 : strcpy ( SI,"-----" ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:748:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 1 : strcpy ( SI,":::::" ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:750:19: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 0 : strcpy ( SI,"....." ); break;
data/ssm-1.4.0/ssm/ssm_align.cpp:847:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rn1[10];
data/ssm-1.4.0/ssm/ssm_align.cpp:848:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rn2[10];
data/ssm-1.4.0/ssm/ssm_graph.cpp:285:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char N[100];
data/ssm-1.4.0/ssm/ssm_graph.cpp:288:29: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if (!V[0]->chainID[0]) strcpy ( S,"''" );
data/ssm-1.4.0/ssm/ssm_graph.cpp:292:31: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if (!V[i]->chainID[0]) strcpy ( N,"''" );
data/ssm-1.4.0/ssm/ssm_malign.cpp:803:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char L[100];
data/ssm-1.4.0/ssm/ssm_malign.cpp:817:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf ( L,"S%03i",i+1 );
data/ssm-1.4.0/ssm/ssm_malign.cpp:873:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char L[10];
data/ssm-1.4.0/ssm/ssm_malign.cpp:902:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char L[10],SS[500],N[300];
data/ssm-1.4.0/ssm/ssm_malign.cpp:908:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat ( SS," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:910:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat ( SS," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:924:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf ( SS,"%2i.",i );
data/ssm-1.4.0/ssm/ssm_malign.cpp:935:9: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat ( SS," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:940:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy ( SS," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:957:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char N[200],L[20];
data/ssm-1.4.0/ssm/ssm_malign.cpp:995:11: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy ( N," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:2421:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char L[100],SS[4];
data/ssm-1.4.0/ssm/ssm_malign.cpp:2452:14: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy ( SS,"H|" );
data/ssm-1.4.0/ssm/ssm_malign.cpp:2454:14: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy ( SS,"S|" );
data/ssm-1.4.0/ssm/ssm_malign.cpp:2455:14: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else strcpy ( SS," " );
data/ssm-1.4.0/ssm/ssm_malign.cpp:2460:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy ( L," " );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:357:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char S[200];
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:386:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char S[200];
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:416:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char S[200];
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:426:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf ( S,"%i[]",serNum );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:427:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf ( vertexID,"HX%i",serNum );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:429:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf ( S,"[%i]",serNum );
data/ssm-1.4.0/ssm/ssm_vxedge.cpp:430:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( vertexID,"SD%i",serNum ); data/ssm-1.4.0/ssm/ssm_vxedge.cpp:637:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char HType[5]; data/ssm-1.4.0/ssm/ssm_vxedge.cpp:640:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf ( HType,"%i",classID ); data/ssm-1.4.0/ssm/ssm_vxedge.cpp:645:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (HType[2]) strcpy ( HType,"**" ); data/ssm-1.4.0/sup_multiple.cpp:64:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char S[100]; data/ssm-1.4.0/superpose.cpp:152:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char S[500]; data/ssm-1.4.0/ssm/ssm_align.cpp:340:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::Align::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_align.cpp:859:15: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. else strcpy ( rn1,"-" ); data/ssm-1.4.0/ssm/ssm_align.cpp:862:15: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else strcpy ( rn2,"-" ); data/ssm-1.4.0/ssm/ssm_align.cpp:871:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( rn1,"-" ); data/ssm-1.4.0/ssm/ssm_align.cpp:872:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( rn2,"-" ); data/ssm-1.4.0/ssm/ssm_align.h:101:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_csia.cpp:216:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::Match::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_csia.cpp:937:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::GraphMatch::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_csia.cpp:948:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). match[i]->read ( f ); data/ssm-1.4.0/ssm/ssm_csia.h:90:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_csia.h:139:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_graph.cpp:79:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( devChain," " ); data/ssm-1.4.0/ssm/ssm_graph.cpp:202:30: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if (i>0) strcat ( S,"," ); data/ssm-1.4.0/ssm/ssm_graph.cpp:290:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat ( S,"," ); data/ssm-1.4.0/ssm/ssm_graph.cpp:294:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat ( N,"," ); data/ssm-1.4.0/ssm/ssm_graph.cpp:298:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else S[strlen(S)-1] = char(0); data/ssm-1.4.0/ssm/ssm_graph.cpp:1099:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void ssm::Graph::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_graph.h:180:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_malign.cpp:375:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::MSSEOutput::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_malign.cpp:408:20: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!chID[0]) strcpy ( chID," " ); data/ssm-1.4.0/ssm/ssm_malign.cpp:436:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::MAOutput::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_malign.cpp:886:14: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( L,"H" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:887:14: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else strcpy ( L,"S" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:905:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy ( SS,"" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:915:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( SS,"" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:928:14: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( L,"H" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:929:14: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else strcpy ( L,"S" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:944:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(SS)>2) writeDebug ( SS ); data/ssm-1.4.0/ssm/ssm_malign.cpp:999:30: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. case V_HELIX : strcpy ( L,"H" ); break; data/ssm-1.4.0/ssm/ssm_malign.cpp:1000:30: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. case V_STRAND : strcpy ( L,"S" ); break; data/ssm-1.4.0/ssm/ssm_malign.cpp:1001:30: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. default : strcpy ( L,"X" ); break; data/ssm-1.4.0/ssm/ssm_malign.cpp:1008:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(N)<16) strcat ( N,"*" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:1008:41: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. while (strlen(N)<16) strcat ( N,"*" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:1009:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else while (strlen(N)<16) strcat ( N," " ); data/ssm-1.4.0/ssm/ssm_malign.cpp:1009:41: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. else while (strlen(N)<16) strcat ( N," " ); data/ssm-1.4.0/ssm/ssm_malign.cpp:1258:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( chID,"A" ); data/ssm-1.4.0/ssm/ssm_malign.cpp:2569:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void ssm::MultAlign::read ( mmdb::io::RFile ) { data/ssm-1.4.0/ssm/ssm_malign.h:125:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_malign.h:145:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_malign.h:263:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_vxedge.cpp:273:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( vertexID ,"" ); // helix ID or sheet ID data/ssm-1.4.0/ssm/ssm_vxedge.cpp:274:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( chainID ,"" ); // chain ID (only for identification) data/ssm-1.4.0/ssm/ssm_vxedge.cpp:275:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( initResName,"" ); // name of the strand's initial residue data/ssm-1.4.0/ssm/ssm_vxedge.cpp:276:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy ( initICode ,"" ); // insertion code of the initial residue data/ssm-1.4.0/ssm/ssm_vxedge.cpp:277:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( endResName ,"" ); // name of the strand's terminal residue data/ssm-1.4.0/ssm/ssm_vxedge.cpp:278:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy ( endICode ,"" ); // insertion code of the terminal residue data/ssm-1.4.0/ssm/ssm_vxedge.cpp:631:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. default : strcpy ( S,"" ); data/ssm-1.4.0/ssm/ssm_vxedge.cpp:655:21: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. default : strcpy ( S,"" ); data/ssm-1.4.0/ssm/ssm_vxedge.cpp:772:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::Vertex::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_vxedge.cpp:1165:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void ssm::Edge::read ( mmdb::io::RFile f ) { data/ssm-1.4.0/ssm/ssm_vxedge.h:129:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
void read ( mmdb::io::RFile f ); data/ssm-1.4.0/ssm/ssm_vxedge.h:214:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read ( mmdb::io::RFile f ); data/ssm-1.4.0/sup_multiple.cpp:68:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0;i<(int)strlen(name);i++) data/ssm-1.4.0/sup_multiple.cpp:73:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). k = strlen(G[0]->GetGraphName()); data/ssm-1.4.0/sup_multiple.cpp:78:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = mmdb::IMax ( n,strlen(S) ); data/ssm-1.4.0/sup_multiple.cpp:141:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nc = mmdb::IMax ( nc,strlen(name[i])+strlen(selstring[i]) ); data/ssm-1.4.0/sup_multiple.cpp:141:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nc = mmdb::IMax ( nc,strlen(name[i])+strlen(selstring[i]) ); ANALYSIS SUMMARY: Hits = 185 Lines analyzed = 12686 in approximately 0.32 seconds (39567 lines/second) Physical Source Lines of Code (SLOC) = 9117 Hits@level = [0] 98 [1] 57 [2] 41 [3] 0 [4] 87 [5] 0 Hits@level+ = [0+] 283 [1+] 185 [2+] 128 [3+] 87 [4+] 87 [5+] 0 Hits/KSLOC@level+ = [0+] 31.0409 [1+] 20.2918 [2+] 14.0397 [3+] 9.54261 [4+] 9.54261 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. 
There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.