Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/adapterremoval-2.3.1/include/ar/adapterremoval.hpp
Examining data/adapterremoval-2.3.1/src/adapterset.cpp
Examining data/adapterremoval-2.3.1/src/adapterset.hpp
Examining data/adapterremoval-2.3.1/src/alignment.cpp
Examining data/adapterremoval-2.3.1/src/alignment.hpp
Examining data/adapterremoval-2.3.1/src/argparse.cpp
Examining data/adapterremoval-2.3.1/src/argparse.hpp
Examining data/adapterremoval-2.3.1/src/barcode_table.cpp
Examining data/adapterremoval-2.3.1/src/barcode_table.hpp
Examining data/adapterremoval-2.3.1/src/commontypes.hpp
Examining data/adapterremoval-2.3.1/src/debug.cpp
Examining data/adapterremoval-2.3.1/src/debug.hpp
Examining data/adapterremoval-2.3.1/src/demultiplex.cpp
Examining data/adapterremoval-2.3.1/src/demultiplex.hpp
Examining data/adapterremoval-2.3.1/src/fastq.cpp
Examining data/adapterremoval-2.3.1/src/fastq.hpp
Examining data/adapterremoval-2.3.1/src/fastq_enc.cpp
Examining data/adapterremoval-2.3.1/src/fastq_enc.hpp
Examining data/adapterremoval-2.3.1/src/fastq_io.cpp
Examining data/adapterremoval-2.3.1/src/fastq_io.hpp
Examining data/adapterremoval-2.3.1/src/linereader.cpp
Examining data/adapterremoval-2.3.1/src/linereader.hpp
Examining data/adapterremoval-2.3.1/src/linereader_joined.cpp
Examining data/adapterremoval-2.3.1/src/linereader_joined.hpp
Examining data/adapterremoval-2.3.1/src/main.cpp
Examining data/adapterremoval-2.3.1/src/main.hpp
Examining data/adapterremoval-2.3.1/src/main_adapter_id.cpp
Examining data/adapterremoval-2.3.1/src/main_adapter_rm.cpp
Examining data/adapterremoval-2.3.1/src/main_demultiplex.cpp
Examining data/adapterremoval-2.3.1/src/managed_writer.cpp
Examining data/adapterremoval-2.3.1/src/managed_writer.hpp
Examining data/adapterremoval-2.3.1/src/scheduler.cpp
Examining data/adapterremoval-2.3.1/src/scheduler.hpp
Examining data/adapterremoval-2.3.1/src/statistics.hpp
Examining data/adapterremoval-2.3.1/src/strutils.cpp
Examining data/adapterremoval-2.3.1/src/strutils.hpp
Examining data/adapterremoval-2.3.1/src/threads.cpp
Examining data/adapterremoval-2.3.1/src/threads.hpp
Examining data/adapterremoval-2.3.1/src/timer.cpp
Examining data/adapterremoval-2.3.1/src/timer.hpp
Examining data/adapterremoval-2.3.1/src/trimmed_reads.cpp
Examining data/adapterremoval-2.3.1/src/trimmed_reads.hpp
Examining data/adapterremoval-2.3.1/src/userconfig.cpp
Examining data/adapterremoval-2.3.1/src/userconfig.hpp
Examining data/adapterremoval-2.3.1/src/vecutils.hpp
Examining data/adapterremoval-2.3.1/src/alignment_tables.cpp
Examining data/adapterremoval-2.3.1/src/alignment_tables.hpp
Examining data/adapterremoval-2.3.1/tests/unit/alignment_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/argparse_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/barcodes_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/catch.hpp
Examining data/adapterremoval-2.3.1/tests/unit/fastq_enc_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/main_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/strutils_test.cpp
Examining data/adapterremoval-2.3.1/tests/unit/testing.hpp
FINAL RESULTS:
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9704:18: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::srand( config.rngSeed() );
data/adapterremoval-2.3.1/src/alignment_tables.cpp:85:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const signed char IDENTICAL_NTS[PHRED_TABLE_SIZE] = {
data/adapterremoval-2.3.1/src/alignment_tables.cpp:182:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const signed char DIFFERENT_NTS[PHRED_TABLE_SIZE] = {
data/adapterremoval-2.3.1/src/alignment_tables.hpp:40:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const signed char IDENTICAL_NTS[PHRED_TABLE_SIZE];
data/adapterremoval-2.3.1/src/alignment_tables.hpp:48:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const signed char DIFFERENT_NTS[PHRED_TABLE_SIZE];
data/adapterremoval-2.3.1/src/fastq_io.cpp:343:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(input_buffer_ptr, line.data(), line.size());
data/adapterremoval-2.3.1/src/linereader.cpp:100:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
: m_file(managed_writer::fopen(fpath, "rb"))
data/adapterremoval-2.3.1/src/managed_writer.cpp:62:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* managed_writer::fopen(const std::string& filename, const char* mode)
data/adapterremoval-2.3.1/src/managed_writer.cpp:67:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* handle = ::fopen(filename.c_str(), mode);
data/adapterremoval-2.3.1/src/managed_writer.cpp:135:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ptr->m_stream.open(ptr->m_filename, std::ofstream::binary | mode);
data/adapterremoval-2.3.1/src/managed_writer.hpp:61:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
static FILE* fopen(const std::string& filename, const char* mode);
data/adapterremoval-2.3.1/tests/unit/catch.hpp:1804:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeStamp[timeStampSize];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:4609:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
alignas(alignof(T)) char storage[sizeof(T)];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:5068:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[CATCH_CONFIG_CONSOLE_WIDTH] = {0};
data/adapterremoval-2.3.1/tests/unit/catch.hpp:5631:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open();
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9111:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&i, &f, sizeof(f));
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9120:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&i, &d, sizeof(d));
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9513:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_buffer[L_tmpnam] = { 0 };
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9590:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9599:23: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
m_file = std::tmpfile();
data/adapterremoval-2.3.1/tests/unit/catch.hpp:9623:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100] = {};
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10039:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tracker->open();
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10785:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **utf8Argv = new char *[ argc ];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10939:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[bufferSize];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10988:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_ofs.open( filename.c_str() );
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11219:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( m_data, m_start, m_size );
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11732:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void TrackerBase::open() {
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11832:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
open();
data/adapterremoval-2.3.1/tests/unit/catch.hpp:12117:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char asChar[sizeof (int)];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:12774:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[maxDoubleSize];
data/adapterremoval-2.3.1/tests/unit/catch.hpp:12781:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%.3f", duration);
data/adapterremoval-2.3.1/tests/unit/catch.hpp:13349:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open() {
data/adapterremoval-2.3.1/tests/unit/catch.hpp:13378:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tp.open();
data/adapterremoval-2.3.1/tests/unit/catch.hpp:13724:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timeStamp[timeStampSize];
data/adapterremoval-2.3.1/src/alignment.cpp:288:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
alignment_info align_single_ended_sequence(const fastq& read,
data/adapterremoval-2.3.1/src/alignment.cpp:297:67: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.sequence(),
data/adapterremoval-2.3.1/src/alignment.cpp:353:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fastq& read)
data/adapterremoval-2.3.1/src/alignment.cpp:359:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read.truncate(0, len);
data/adapterremoval-2.3.1/src/alignment.hpp:128:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
alignment_info align_single_ended_sequence(const fastq& read,
data/adapterremoval-2.3.1/src/alignment.hpp:164:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fastq& read);
data/adapterremoval-2.3.1/src/demultiplex.cpp:118:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (const auto& read : read_chunk->reads_1) {
data/adapterremoval-2.3.1/src/demultiplex.cpp:119:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const int best_barcode = m_barcode_table.identify(read);
data/adapterremoval-2.3.1/src/demultiplex.cpp:122:66: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_unidentified_1->add(*m_config->quality_output_fmt, read);
data/adapterremoval-2.3.1/src/demultiplex.cpp:131:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dst->reads_1.push_back(read);
data/adapterremoval-2.3.1/src/fastq.cpp:67:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inline mate_info get_and_fix_mate_info(fastq& read, char mate_separator)
data/adapterremoval-2.3.1/src/fastq.cpp:70:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::string& header = read.m_header;
data/adapterremoval-2.3.1/src/fastq.cpp:294:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool fastq::read(line_reader_base& reader, const fastq_encoding& encoding)
data/adapterremoval-2.3.1/src/fastq.hpp:168:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(line_reader_base& reader,
data/adapterremoval-2.3.1/src/fastq.hpp:213:51: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
friend mate_info get_and_fix_mate_info(fastq& read, char mate_separator);
data/adapterremoval-2.3.1/src/fastq_io.cpp:45:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (record.read(reader, encoding)) {
data/adapterremoval-2.3.1/src/fastq_io.cpp:99:43: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const fastq& read, size_t count_)
data/adapterremoval-2.3.1/src/fastq_io.cpp:102:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
reads.push_back(read.to_str(encoding));
data/adapterremoval-2.3.1/src/fastq_io.cpp:267:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (record.read(m_io_input, *m_encoding)) {
data/adapterremoval-2.3.1/src/fastq_io.cpp:274:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (record.read(m_io_input, *m_encoding)) {
data/adapterremoval-2.3.1/src/fastq_io.hpp:90:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void add(const fastq_encoding& encoding, const fastq& read, size_t count = 1);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:289:68: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void trim_read_termini_if_enabled(const userconfig& config, fastq& read, read_type type)
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:320:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (trim_5p + trim_3p < read.length()) {
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:321:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.truncate(trim_5p, read.length() - std::min(read.length(), trim_5p + trim_3p));
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:321:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.truncate(trim_5p, read.length() - std::min(read.length(), trim_5p + trim_3p));
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:321:61: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.truncate(trim_5p, read.length() - std::min(read.length(), trim_5p + trim_3p));
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:323:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.truncate(0, 0);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:330:86: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fastq::ntrimmed trim_sequence_by_quality_if_enabled(const userconfig& config, fastq& read)
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:333:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read.trim_windowed_bases(config.trim_ambiguous_bases,
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:340:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read.trim_trailing_bases(config.trim_ambiguous_bases,
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:461:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (auto& read : read_chunk->reads_1) {
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:462:74: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const alignment_info alignment = align_single_ended_sequence(read, m_adapters, m_config.shift);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:465:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
truncate_single_ended_sequence(alignment, read);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:470:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
process_collapsed_read(m_config, *stats, read, nullptr, chunks);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:477:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
trim_read_termini_if_enabled(m_config, read, read_type::mate_1);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:478:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
trim_sequence_by_quality_if_enabled(m_config, read);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:479:45: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (m_config.is_acceptable_read(read)) {
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:482:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stats->total_number_of_nucleotides += read.length();
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:484:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
chunks.add_mate_1_read(read, read_status::passed);
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:485:60: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stats->inc_length_count(read_type::mate_1, read.length());
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:488:63: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stats->inc_length_count(read_type::discarded, read.length());
data/adapterremoval-2.3.1/src/main_adapter_rm.cpp:490:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
chunks.add_mate_1_read(read, read_status::failed);
data/adapterremoval-2.3.1/src/main_demultiplex.cpp:199:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (const auto& read : read_chunk->reads_1) {
data/adapterremoval-2.3.1/src/main_demultiplex.cpp:200:62: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
encoded_reads->add(*m_config.quality_output_fmt, read);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:75:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void trimmed_reads::add_mate_1_read(fastq& read, read_status state,
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:79:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
distribute_read(m_mate_1, m_mate_1, read, state, read_status::passed, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:83:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void trimmed_reads::add_mate_2_read(fastq& read, read_status state,
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:87:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
distribute_read(m_mate_2, m_mate_1, read, state, read_status::passed, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:99:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void trimmed_reads::add_collapsed_read(fastq& read,
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:106:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
distribute_read(destination, destination, read, state, read_status::passed, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:110:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void trimmed_reads::add_collapsed_truncated_read(fastq& read,
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:117:47: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
distribute_read(destination, destination, read, state, read_status::passed, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:138:44: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fastq& read,
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:146:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
interleaved->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:148:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
regular->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:151:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_singleton->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:154:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.discard();
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:157:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
interleaved->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:159:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
regular->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.cpp:162:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
m_discarded->add(m_encoding, read, read_count);
data/adapterremoval-2.3.1/src/trimmed_reads.hpp:79:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void add_mate_1_read(fastq& read, read_status state, size_t read_count = 1);
data/adapterremoval-2.3.1/src/trimmed_reads.hpp:90:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void add_mate_2_read(fastq& read, read_status state, size_t read_count = 1);
data/adapterremoval-2.3.1/src/trimmed_reads.hpp:115:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void add_collapsed_read(fastq& read, read_status, size_t read_count = 1);
data/adapterremoval-2.3.1/src/trimmed_reads.hpp:126:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void add_collapsed_truncated_read(fastq& read, read_status state, size_t read_count = 1);
data/adapterremoval-2.3.1/src/trimmed_reads.hpp:147:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fastq& read,
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10814:36: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static_cast<void>(std::getchar());
data/adapterremoval-2.3.1/tests/unit/catch.hpp:10819:36: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static_cast<void>(std::getchar());
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11110:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return s.size() >= prefix.size() && std::equal(prefix.begin(), prefix.end(), s.begin());
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11116:50: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return s.size() >= suffix.size() && std::equal(suffix.rbegin(), suffix.rend(), s.rbegin());
data/adapterremoval-2.3.1/tests/unit/catch.hpp:11187:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
: StringRef( rawChars, static_cast<StringRef::size_type>(std::strlen(rawChars) ) )
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:798:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:818:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:822:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:826:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(!record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:840:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:844:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(!record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:858:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:862:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(!record.read(reader, FASTQ_ENCODING_33));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:876:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader, FASTQ_ENCODING_33), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:890:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader, FASTQ_ENCODING_33), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:904:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader, FASTQ_ENCODING_33), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:918:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader, FASTQ_ENCODING_33), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:928:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
CHECK(!record.read(reader));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:939:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:951:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:964:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:977:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:991:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:1008:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_NOTHROW(record.read(reader));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:1009:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:1027:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_NOTHROW(record.read(reader));
data/adapterremoval-2.3.1/tests/unit/fastq_test.cpp:1028:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
REQUIRE_THROWS_AS(record.read(reader), fastq_error);
ANALYSIS SUMMARY:
Hits = 126
Lines analyzed = 30859 in approximately 0.95 seconds (32389 lines/second)
Physical Source Lines of Code (SLOC) = 21268
Hits@level = [0] 1 [1] 92 [2] 33 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 127 [1+] 126 [2+] 34 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 5.97141 [1+] 5.92439 [2+] 1.59865 [3+] 0.047019 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.