Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/autoclass-3.3.6.dfsg.1/data/tests.c
Examining data/autoclass-3.3.6.dfsg.1/prog/globals.h
Examining data/autoclass-3.3.6.dfsg.1/prog/autoclass.make.alpha.cc
Examining data/autoclass-3.3.6.dfsg.1/prog/globals.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-update.c
Examining data/autoclass-3.3.6.dfsg.1/prog/intf-sigma-contours.c
Examining data/autoclass-3.3.6.dfsg.1/prog/init.c
Examining data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c
Examining data/autoclass-3.3.6.dfsg.1/prog/statistics.c
Examining data/autoclass-3.3.6.dfsg.1/prog/intf-extensions.c
Examining data/autoclass-3.3.6.dfsg.1/prog/struct-model.c
Examining data/autoclass-3.3.6.dfsg.1/prog/autoclass.make.solaris.cc
Examining data/autoclass-3.3.6.dfsg.1/prog/autoclass.h
Examining data/autoclass-3.3.6.dfsg.1/prog/minmax.h
Examining data/autoclass-3.3.6.dfsg.1/prog/search-converge.c
Examining data/autoclass-3.3.6.dfsg.1/prog/struct-clsf.c
Examining data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-single-multinomial.c
Examining data/autoclass-3.3.6.dfsg.1/prog/params.h
Examining data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cn.c
Examining data/autoclass-3.3.6.dfsg.1/prog/search-control.c
Examining data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c
Examining data/autoclass-3.3.6.dfsg.1/prog/getparams.c
Examining data/autoclass-3.3.6.dfsg.1/prog/getparams.h
Examining data/autoclass-3.3.6.dfsg.1/prog/matrix-utilities.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-multi-normal-cn.c
Examining data/autoclass-3.3.6.dfsg.1/prog/utils.c
Examining data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c
Examining data/autoclass-3.3.6.dfsg.1/prog/struct-data.c
Examining data/autoclass-3.3.6.dfsg.1/prog/autoclass.make.hp.cc
Examining data/autoclass-3.3.6.dfsg.1/prog/struct-matrix.c
Examining data/autoclass-3.3.6.dfsg.1/prog/intf-influence-values.c
Examining data/autoclass-3.3.6.dfsg.1/prog/autoclass.c
Examining data/autoclass-3.3.6.dfsg.1/prog/utils-math.c
Examining data/autoclass-3.3.6.dfsg.1/prog/search-basic.c
Examining data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c
Examining data/autoclass-3.3.6.dfsg.1/prog/struct-class.c
Examining data/autoclass-3.3.6.dfsg.1/prog/predictions.c
Examining data/autoclass-3.3.6.dfsg.1/prog/io-results.c
Examining data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cm.c
Examining data/autoclass-3.3.6.dfsg.1/prog/prints.c
Examining data/autoclass-3.3.6.dfsg.1/prog/fcntlcom-ac.h
Examining data/autoclass-3.3.6.dfsg.1/sample/read.me.c
Examining data/autoclass-3.3.6.dfsg.1/debian/simple.c

FINAL RESULTS:

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:134:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(bp, "%s", input_string);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:150:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( (char *) pp->paramptr_overridden, string_char_paramptr);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:178:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(bp, "%s", input_string);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:189:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(bp, "%s", input_string);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:200:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(bp, "%s", input_string);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:243:15:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(bp, "%s", input_string);

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:288:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( params[nparams].paramname, name);

data/autoclass-3.3.6.dfsg.1/prog/init.c:57:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( G_absolute_pathname, slash);

data/autoclass-3.3.6.dfsg.1/prog/init.c:61:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( G_absolute_pathname, slash);

data/autoclass-3.3.6.dfsg.1/prog/intf-extensions.c:68:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( clsf->reports->current_results, results_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/intf-extensions.c:191:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att_model_term_type_array[i_att], integer_p ?

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:414:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( influence_report_pathname, influ_vals_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:428:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( influence_report_pathname, clsf_num_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:529:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( xref_case_report_pathname, xref_case_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:538:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( xref_case_report_pathname, clsf_num_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:579:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( xref_class_report_pathname, xref_class_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:588:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( xref_class_report_pathname, clsf_num_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:735:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( discrete_attribute_data[n_discrete_att - 1],

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1104:13:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_report_fp, divider_format, blank);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1111:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_report_fp, dashed_line);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1277:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( report_attribute_strings[i]->att_dscrp, att_dscrp);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1311:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( (*attribute_formats_ptr)[i], str);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1391:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_class_report_fp, (print_atts_p == TRUE) ? "\n%6d" : "\n%11d",

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1396:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_class_report_fp, (*attribute_formats_ptr)[i],

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1406:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_class_report_fp, (*attribute_formats_ptr)[i], question_mark);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1411:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_class_report_fp, (*attribute_formats_ptr)[i],

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1421:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( xref_class_report_fp,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1568:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, header, (comment_data_headers_p == TRUE) ? "#" : "",

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1576:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, header, "");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1731:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( a_term_type, rpt_att_model_term_type( clsf, clsf_class_number, n_att));

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1753:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( term_types[num_term_types], a_term_type);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1769:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(title_line_2, temp);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1902:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, dashes);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1903:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, dashes);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1937:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, dashes);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1938:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, dashes);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1972:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, output_title,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1984:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, output_title,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2032:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, output_title,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2043:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, output_title,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2090:3:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, title_line_1);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2094:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf( influence_report_fp, title_line_2);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2350:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( model_term_type_symbol, (eqstring( print_string, "ignore"))

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2357:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( strcat( strncat( temp, description, line_length),

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2357:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( strcat( strncat( temp, description, line_length),

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2467:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( strcat( discrete_string_name, (name_length < name_max) ? " " : ""), temp);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2467:15:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( strcat( discrete_string_name, (name_length < name_max) ? " " : ""), temp);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2486:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( formatted_p_p_star_list[list_index].discrete_string_name, discrete_string_name);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2512:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( e_format_string, format_string_1, header,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2524:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( e_format_string, format_string_2,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2618:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( e_format_string, format_string_1,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2630:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( e_format_string, format_string_2,

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2838:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( suffix_string, e_format_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2862:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( suffix_string, e_format_string + char_cnt + 1);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2864:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( (char *) filtered_numeric_string, suffix_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2868:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( e_format_string, (char *) filtered_numeric_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2871:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( (char *) filtered_numeric_string, e_format_string);

data/autoclass-3.3.6.dfsg.1/prog/intf-sigma-contours.c:187:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf( e_format_string, format_string,

data/autoclass-3.3.6.dfsg.1/prog/intf-sigma-contours.c:304:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att_loc_string, model->att_locs[att_index]);

data/autoclass-3.3.6.dfsg.1/prog/intf-sigma-contours.c:313:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att_loc_string, ++str_index);

data/autoclass-3.3.6.dfsg.1/prog/intf-sigma-contours.c:315:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att_loc_string, model->att_locs[*trans_att_index]);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:130:3:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(header_file_fp, "%s %d\n", def_name_string, &num);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:133:5:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(header_file_fp, "%s", def_name_string);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:291:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(d_base->data_file, data_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:292:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(d_base->header_file, header_file_ptr);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:413:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:436:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:441:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:449:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:450:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, errors->model_expander_warnings[i]);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:455:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:458:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, warning_msg);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:490:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, str);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:491:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, errors->model_expander_errors[i]);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1161:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(att->type, type_ptr);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1162:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(att->sub_type, sub_type_ptr);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1171:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(att->dscrp, dscrp_ptr);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1552:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(invalid_error->value, value);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1594:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attribute->translations[val], value);

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1669:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(line_tokens[length - 1], form);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:242:7:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(stream, "%s", temp);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:252:7:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  fscanf(stream, "%s", temp); /* all we had was paren so get next */

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:263:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[*num - 1], temp);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:273:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[*num - 1], temp);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:331:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model->model_file, source);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:406:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(set_type, model_group[i_group][0]);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:472:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(default_set_type, set_type);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:558:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model->terms[num]->type, model_type);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:646:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model->terms[num]->type, model_type);

data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:734:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model->terms[num]->type, model_type);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:89:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( str, "ac_version %s", G_ac_version);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:125:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( model_num_string, "%s %d", model_string, i);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:200:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( props_string, "%s %s %d", (char *) att_info->props[i][0],

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:205:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( props_string, "%s %s %f", (char *) att_info->props[i][0],

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:210:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( props_string, "%s %s %s", (char *) att_info->props[i][0],

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:477:3:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s %s", token1, token2);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:554:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s", token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:576:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s", token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:723:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s %s %s", token1, token2, token3);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:725:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( token_ptr, token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:738:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( string_value, token3);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:759:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att->warnings_and_errors->unspecified_dummy_warning, token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:767:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( att->warnings_and_errors->single_valued_warning, token2);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:315:7:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system( str);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:318:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system( str);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:518:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( line, warnings_and_errors->model_expander_warnings[i]);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:528:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( line, warnings_and_errors->model_expander_errors[i]);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1026:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1031:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( binary_file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1038:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1043:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( binary_file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1071:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( *found_file_ptr, binary_file);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1080:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( *found_file_ptr, file);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1145:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1150:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( binary_file, file_pathname);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1167:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( *found_file_ptr, file);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1177:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( *found_file_ptr, binary_file);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1286:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s %s", token1, token2);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1350:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s %s", token1, token2);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1365:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s", token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1373:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( line, "%s", token1);

data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1393:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1401:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1418:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1462:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s\n", token); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1469:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %s", data_file, header_file); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1476:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d_base->data_file, data_file); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1477:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d_base->header_file, header_file); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1515:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf( line, "%s %d", token1, &file_model_index); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1524:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %d", model->id, &model->file_index); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1527:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", model->model_file); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1531:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %s %d", model->data_file, model->header_file, data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1571:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %d", token1, &file_n_class); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1618:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %d", token1, &file_model_file_index); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1656:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %d", token1, &file_n_att); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1670:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->type, token_list[0]); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1671:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->sub_type, token_list[1]); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1672:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->dscrp, token_list[2]); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1731:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%d %s", &int_token, token2); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1733:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->translations[i], token2); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1745:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %s %s", token1, token2, token3); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1747:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( token_ptr, token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1760:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( string_value, token3); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1778:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %s %d %d", token1, token2, data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1784:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->warnings_and_errors->unspecified_dummy_warning, token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1788:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->warnings_and_errors->single_valued_warning, token2); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1797:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->warnings_and_errors->model_expander_warnings[i], line); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1806:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( att->warnings_and_errors->model_expander_errors[i], line); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1828:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf( line, "%s %d", token1, &file_n_parm); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1958:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1968:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1980:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1990:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:2002:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:2029:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:2060:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:2070:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:2080:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token1); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:158:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(term_type, term->type); /* The type of term set */ data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:174:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_type, att->type); /* One of 'real, 'discrete & etc. */ data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:177:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "n_%s", att_type); /* this statement added 3/2/JTP*/ data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:183:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_sub_type, att->sub_type); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:200:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(att_sub_type, att_info[att_index]->sub_type); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:203:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "n_%s", att_sub_type); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:280:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model->att_ignore_ids[new_i], model->att_ignore_ids[old_i]); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:39:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( str, short_str); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:106:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_type, att->type); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:107:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_subtype, att->sub_type); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:271:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(new_att->type, att->type); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:346:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(new_att->type, att->type); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:276:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "\n----------- SEARCH STATUS as of %s -----------\n", data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:460:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s%s",(saved_p) ? " *SAVED*":"", (new_line_p) ? "\n" : ""); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1340:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system( str); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1344:5: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system( str); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1539:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1561:3: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", token); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1623:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf( line, "%s %d", token, &file_try_index); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1638:5: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s %d %s %d", token, &file_try_index, dup_token, &dup_file_try_index); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:391:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( results_file_ptr, results_file); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:397:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( results_file_ptr, results_file); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:514:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( results_file_ptr, results_file); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:628:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, " %s%d->%d(%d) ", "best", latest_try->j_in, latest_try->j_out, search->n); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:630:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, " %s%d->%d(%d) ", "dup", latest_try->j_in, latest_try->j_out, search->n); data/autoclass-3.3.6.dfsg.1/prog/search-control.c:656:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(n_classes_explain, temp_str); data/autoclass-3.3.6.dfsg.1/prog/struct-data.c:297:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( transform, att_i->sub_type); data/autoclass-3.3.6.dfsg.1/prog/utils.c:135:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(time_string," %d day%s", days, (days > 1) ? "s" : ""); data/autoclass-3.3.6.dfsg.1/prog/utils.c:137:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp_string," %d hour%s", hours, (hours > 1) ? "s" : ""); data/autoclass-3.3.6.dfsg.1/prog/utils.c:138:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(time_string, temp_string); data/autoclass-3.3.6.dfsg.1/prog/utils.c:141:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp_string," %d minute%s", minutes, (minutes > 1) ? "s" : ""); data/autoclass-3.3.6.dfsg.1/prog/utils.c:142:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(time_string, temp_string); data/autoclass-3.3.6.dfsg.1/prog/utils.c:145:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp_string," %d second%s", seconds, (seconds > 1) ? 
"s" : ""); data/autoclass-3.3.6.dfsg.1/prog/utils.c:146:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(time_string, temp_string); data/autoclass-3.3.6.dfsg.1/prog/utils.c:237:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg_string, " [checkpt clsf (j=%d, cycle=%d) at %s] ", clsf->n_classes, data/autoclass-3.3.6.dfsg.1/prog/utils.c:502:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf( line, "%s", answer); data/autoclass-3.3.6.dfsg.1/prog/utils.c:676:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(t1, "%s", (char *) G_plist[i][0]); data/autoclass-3.3.6.dfsg.1/prog/utils.c:677:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(t2, "%s", (char *) G_plist[i][1]); data/autoclass-3.3.6.dfsg.1/prog/utils.c:704:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G_plist[n][0], target); data/autoclass-3.3.6.dfsg.1/prog/utils.c:707:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(G_plist[n][1], pname); data/autoclass-3.3.6.dfsg.1/prog/utils.c:1157:16: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
return_cnt = vfprintf( stream, format, arg_addr); data/autoclass-3.3.6.dfsg.1/prog/utils.c:1190:22: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. return_cnt = (int) vsprintf( str, format, arg_addr); data/autoclass-3.3.6.dfsg.1/data/tests.c:127:66: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. ;;; BLOCK-SET-CLSF TESTS (.s-params files configured for **non**-random trials) data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:15:15: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern double drand48(void); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:16:15: [3] (random) erand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern double erand48(unsigned short *); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:17:13: [3] (random) jrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long jrand48(unsigned short *); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:18:13: [3] (random) lcong48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern void lcong48(unsigned short *); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:19:13: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
extern long lrand48(void); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:20:13: [3] (random) mrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long mrand48(void); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:21:13: [3] (random) nrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern long nrand48(unsigned short *); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:22:24: [3] (random) seed48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. extern unsigned short *seed48(unsigned short *); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:48:17: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define srand48 srand data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:605:8: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. double drand48(); data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:607:6: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. long lrand48(); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1065:28: [3] (random) lrand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
  diff += (min( (double) lrand48( ), G_rand_base_normalizer) / normalizer) -

data/autoclass-3.3.6.dfsg.1/prog/utils.c:429:33:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  temp = (int) (min( (double) lrand48( ), G_rand_base_normalizer) / normalizer);

data/autoclass-3.3.6.dfsg.1/prog/utils.c:441:6:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  long lrand48() {

data/autoclass-3.3.6.dfsg.1/prog/utils.c:464:32:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  i = (int) (min( (double) lrand48( ), G_rand_base_normalizer) / normalizer);

data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:205:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char fxlstr[STRLIMIT];

data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:221:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char shortstr[SHORT_STRING_LENGTH];

data/autoclass-3.3.6.dfsg.1/prog/autoclass.h:222:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef char very_long_str[VERY_LONG_STRING_LENGTH];

data/autoclass-3.3.6.dfsg.1/prog/getparams.c:93:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[LINLIM], *bp;

data/autoclass-3.3.6.dfsg.1/prog/getparams.h:28:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char paramname[PARAMNAMLEN];

data/autoclass-3.3.6.dfsg.1/prog/globals.c:31:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char G_absolute_pathname[MAXPATHLEN];

data/autoclass-3.3.6.dfsg.1/prog/globals.c:40:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char G_data_file_format[10] = ""; /* "binary" or "ascii" */

data/autoclass-3.3.6.dfsg.1/prog/init.c:42:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(G_transforms[0] , "log_transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:43:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_transforms[1] , "log_odds_transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:45:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_att_type_data[0] , "dummy");

data/autoclass-3.3.6.dfsg.1/prog/init.c:46:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_att_type_data[1] , "none");

data/autoclass-3.3.6.dfsg.1/prog/init.c:47:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_att_type_data[2] , "discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:48:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_att_type_data[3] , "real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:49:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( G_att_type_data[4] , "real_and_error");

data/autoclass-3.3.6.dfsg.1/prog/init.c:56:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( G_absolute_pathname, "<current working directory>");

data/autoclass-3.3.6.dfsg.1/prog/init.c:64:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( "/usr/ucb/hostname", "r");

data/autoclass-3.3.6.dfsg.1/prog/init.c:92:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:97:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "nominal");

data/autoclass-3.3.6.dfsg.1/prog/init.c:101:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "ordered");

data/autoclass-3.3.6.dfsg.1/prog/init.c:105:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "circular");

data/autoclass-3.3.6.dfsg.1/prog/init.c:110:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:120:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  t2 = (char **) malloc(i2[0] * sizeof(char *));

data/autoclass-3.3.6.dfsg.1/prog/init.c:122:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[0], "multi_multinomial_d");

data/autoclass-3.3.6.dfsg.1/prog/init.c:124:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[1], "multi_multinomial_s");

data/autoclass-3.3.6.dfsg.1/prog/init.c:126:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[2], "multi_multinomial_choose");

data/autoclass-3.3.6.dfsg.1/prog/init.c:142:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:147:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "nominal");

data/autoclass-3.3.6.dfsg.1/prog/init.c:151:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "ordered");

data/autoclass-3.3.6.dfsg.1/prog/init.c:155:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "circular");

data/autoclass-3.3.6.dfsg.1/prog/init.c:160:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:170:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  t2 = (char **) malloc(i2[0] * sizeof(char *));

data/autoclass-3.3.6.dfsg.1/prog/init.c:172:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[0], "multi_multinomial_s");

data/autoclass-3.3.6.dfsg.1/prog/init.c:174:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[1], "multi_multinomial_d");

data/autoclass-3.3.6.dfsg.1/prog/init.c:176:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[2], "multi_multinomial_choose");

data/autoclass-3.3.6.dfsg.1/prog/init.c:192:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:197:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "location");

data/autoclass-3.3.6.dfsg.1/prog/init.c:201:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:206:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][0], "transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:208:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][1], "log_transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:212:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:216:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "n_scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:227:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  t2 = (char **) malloc(i2[0] * sizeof(char *));

data/autoclass-3.3.6.dfsg.1/prog/init.c:229:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[0], "multi_normal_cn");

data/autoclass-3.3.6.dfsg.1/prog/init.c:245:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:250:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "nominal");

data/autoclass-3.3.6.dfsg.1/prog/init.c:254:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "ordered");

data/autoclass-3.3.6.dfsg.1/prog/init.c:258:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "circular");

data/autoclass-3.3.6.dfsg.1/prog/init.c:263:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_discrete");

data/autoclass-3.3.6.dfsg.1/prog/init.c:271:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  t2 = (char **) malloc(i2[0] * sizeof(char *));

data/autoclass-3.3.6.dfsg.1/prog/init.c:273:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[0], "multi_multinomial_d");

data/autoclass-3.3.6.dfsg.1/prog/init.c:275:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[1], "multi_multinomial_s");

data/autoclass-3.3.6.dfsg.1/prog/init.c:277:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[2], "multi_multinomial_choose");

data/autoclass-3.3.6.dfsg.1/prog/init.c:293:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:298:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "location");

data/autoclass-3.3.6.dfsg.1/prog/init.c:302:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:307:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][0], "transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:309:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][1], "log_transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:312:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "n_scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:319:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:327:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  t2 = (char **) malloc(i2[0] * sizeof(char *));

data/autoclass-3.3.6.dfsg.1/prog/init.c:329:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t2[0], "multi_normal_cn");

data/autoclass-3.3.6.dfsg.1/prog/init.c:345:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[0][0], "real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:350:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[0][0], "location");

data/autoclass-3.3.6.dfsg.1/prog/init.c:354:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[1][0], "scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:359:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][0], "transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:361:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temptemp[0][1], "log_transform");

data/autoclass-3.3.6.dfsg.1/prog/init.c:364:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1temp[2][0], "n_scalar");

data/autoclass-3.3.6.dfsg.1/prog/init.c:371:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(t1[1][0], "n_real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:389:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(types[0][0], "real");

data/autoclass-3.3.6.dfsg.1/prog/init.c:391:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(types[0][1], "location");

data/autoclass-3.3.6.dfsg.1/prog/init.c:393:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(types[0][2], "scalar");

data/autoclass-3.3.6.dfsg.1/prog/intf-influence-values.c:230:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return ( atoi( class->model->att_locs[n_att]));

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:161:28:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  reports_params_file_fp = fopen( reports_params_file_ptr, "r");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:221:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  log_file_fp = fopen( log_file_ptr, "a");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:230:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( autoclass_mode, "-PREDICT");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:232:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( autoclass_mode, "-REPORTS");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:250:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  search_file_fp = fopen( search_file_ptr, "r");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:406:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clsf_num_string[4];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:419:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( influence_report_pathname, "o-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:421:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( influence_report_pathname, "no-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:424:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( influence_report_pathname, "text-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:426:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( influence_report_pathname, "data-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:427:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( clsf_num_string, "%d", clsf_num);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:434:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  influence_report_fp = fopen( influence_report_pathname, "w");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:522:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clsf_num_string[4];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:534:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( xref_case_report_pathname, "text-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:536:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( xref_case_report_pathname, "data-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:537:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( clsf_num_string, "%d", clsf_num);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:539:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  xref_case_report_fp = fopen( xref_case_report_pathname, "w");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:572:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clsf_num_string[4];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:584:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( xref_class_report_pathname, "text-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:586:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( xref_class_report_pathname, "data-");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:587:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( clsf_num_string, "%d", clsf_num);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:590:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  xref_class_report_fp = fopen( xref_class_report_pathname, "w");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1063:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dashed_line[92] = "------------------------------------------------------------"

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1103:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( divider_format, "%%%dc", blank_cnt);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1292:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, " %%-%ds", report_attribute_strings[i]->dscrp_length);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1294:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, " %%-%dg", report_attribute_strings[i]->dscrp_length);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1385:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( prob_tab_format, "\n%%%dc", prob_tab);

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1386:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( prob_tab_format, "%2d %5.3f");

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1451:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char class_number_type[5] = "clsf";

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1503:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char class_number_type[5] = "clsf";

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1690:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title_line_1[2*STRLIMIT] = "", title_line_2[3*STRLIMIT] = "", *att_type;

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1768:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  term_types[i], (char *) get( term_types[i], "print_string"));

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2322:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char header[60], header_continued[60];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2328:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *type, type_letter[2], *description, model_term_type_symbol[] = " ";

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2444:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char header_prefix[60];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2598:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char header_prefix[60];

data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2830:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *filtered_numeric_string[STRLIMIT];

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:90:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "\nDo you want to EXIT - {y/n}? ");

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_msg_type[8] = ":read";

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:194:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( output_msg_type, ":expand");

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:306:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  data_file_fp = fopen( data_file_ptr, "rb");

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:308:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  data_file_fp = fopen( data_file_ptr, "r");

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:442:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( msg,

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:735:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char **instance, db2_bin_header[10] = "";

data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:739:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char comment_chars[4], caller[] = "read_data"; data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:926:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( att_info[att_num]->warnings_and_errors->unspecified_dummy_warning, "true"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1638:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char form[VERY_LONG_TOKEN_LENGTH]; data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1639:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datum_string[VERY_LONG_STRING_LENGTH]; data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1709:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s2, "eof"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1713:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s2, "eof"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1724:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s2, "comment"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1758:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(s2, "eof"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1877:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->single_valued_warning, "true"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1976:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->single_valued_warning, "true"); data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:2092:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[VERY_LONG_TOKEN_LENGTH]; data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:2138:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( output_msg_type, ":expand"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:229:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[255], /* arbitrarilyh chose 255 but no check done*/ data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:443:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(model->att_locs[n_att], "ignore"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:444:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(model->att_ignore_ids[n_att], "ignore_model"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:794:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(locs[i], "ignore"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:797:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att_ignore_ids[i], "transformed-attribute-ignored"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:800:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att_ignore_ids[i], "att_type_not_specified"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:802:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att_ignore_ids[i], "att_type_is_dummy"); data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:804:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att_ignore_ids[i], "model_term_not_specified"); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:80:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( str, "# ordered sequence of clsf_DS's: 0 -> %d", num - 1); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:84:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( str, "# clsf_DS %d: log_a_x_h = %.7e", i, data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:437:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
safe_fwrite( results_fp, (char *) classes[i], sizeof( struct class), CLASS_TYPE, data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:728:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *int_value = atoi( token3); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:271:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( ext_type, "results_bin"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:272:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( temp_ext_type, "results_tmp_bin"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:275:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( ext_type, "results"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:276:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( temp_ext_type, "results_tmp"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:281:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( ext_type, "checkpoint_bin"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:282:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( temp_ext_type, "checkpoint_tmp_bin"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:285:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( ext_type, "checkpoint"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:286:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( temp_ext_type, "checkpoint_tmp"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:300:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). save_file_fp = fopen( temp_save_file, (save_compact_p) ? "wb" : "w"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:303:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). save_file_fp = fopen( save_file, (save_compact_p) ? 
"wb" : "w"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:312:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((save_file_fp = fopen( save_file, "r")) != NULL) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:967:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_fp = fopen( *file_ptr, "r"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1027:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (user_extension, "ascii"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1032:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (user_extension, "binary"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1039:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (user_extension, "ascii"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1044:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (user_extension, "binary"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1068:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). binary_file_fp = fopen( binary_file, "rb"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1077:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_fp = fopen( file, "r"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1146:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (user_extension, "ascii"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1151:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (user_extension, "binary"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1163:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file_fp = fopen( file, "r"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1166:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( G_data_file_format, "ascii"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1173:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). binary_file_fp = fopen( binary_file, "rb"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1176:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( G_data_file_format, "binary"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1227:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). results_file_fp = fopen( results_file_ptr, "rb"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1233:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). results_file_fp = fopen( results_file_ptr, "r"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1242:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
results_file_fp = fopen( results_file_ptr, "rb"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1248:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). results_file_fp = fopen( results_file_ptr, "r"); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1750:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *int_value = atoi( token3); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:278:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(model->att_locs[old_i], "TRANSFORMED->%d", new_i); data/autoclass-3.3.6.dfsg.1/prog/model-expander-3.c:279:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(model->att_locs[new_i], "%d", n_term); data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cm.c:78:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->model_expander_errors[n], data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cm.c:143:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->model_expander_warnings[n], data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cn.c:72:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->model_expander_errors[n], data/autoclass-3.3.6.dfsg.1/prog/model-single-normal-cn.c:139:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(att->warnings_and_errors->model_expander_errors[n], data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:38:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(short_str, "%d ", att_list[i]); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:272:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(new_att->sub_type, "log_transform"); data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:347:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(new_att->sub_type, "log_odds_transform_c"); data/autoclass-3.3.6.dfsg.1/prog/predictions.c:48:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). header_file_fp = fopen( header_file_ptr, "r"); data/autoclass-3.3.6.dfsg.1/prog/predictions.c:50:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). model_file_fp = fopen( model_file_ptr, "r"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:135:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "\nWELCOME TO AUTOCLASS.\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:137:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " 1) Each time I have finished a new 'trial', or attempt to find a good\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:139:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " classification, I will print the number of classes that trial\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:141:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, " started and ended with, such as 9->7.\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:143:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " 2) If that trial results in a duplicate of a previous run, I will print\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:145:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " 'dup' first.\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:147:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " 3) If that trial results in a classification better than any previous, \n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:149:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " I will print 'best' first.\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:155:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " classification has been found which is better than any previous ones,\n"); data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:157:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(str, " I will report on that classification and on the status of the search\n"
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:160:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " 5) This report will include an estimate of the time it will take to find\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:162:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " another even better classification, and how much better that will be.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:164:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " In addition, I will estimate a lower bound on how long it might take to\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:166:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " find the very best classification, and how much better that might be.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:174:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, " 7) Since interactive_p = false, I will continue searching\n ");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:176:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, " 7) To quit searching, type a 'q', hit <return>, and wait. Otherwise I'll\n"
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:182:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "until I complete trial number (%d).\n", max_n_tries);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:184:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "forever.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:265:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str,
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:273:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "(Also found %d other better than last report.)\n", n_not_reported);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:289:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "times more probable.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:296:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "times more probable.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:304:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "to");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:307:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "times more probable.\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:331:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "Overhead time is %.1f %% of total search time\n", (time_overhead * 100.0));
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:457:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " DUPS %d", try->n_duplicates);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:525:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "[reconverge \"chkpt\" j_in=%d] ", j_in);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:535:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "[reconverge \"results\" j_in=%d] ", j_in);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:539:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "[j_in=%d] ", j_in);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:648:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " [c: cycles %d]", n_cycles);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:734:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " [cs-3: cycles %d]", count);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:827:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " [cs-3a: cycles %d]", count);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:957:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " [cs-4: cycles %d]", count);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1327:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  search_file_fp = fopen( temp_search_file, "w");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1330:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  search_file_fp = fopen( search_file_ptr, "w");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1337:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((search_file_fp = fopen( search_file_ptr, "r")) != NULL) {
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1382:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(id, "search_try_DS %d", i);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1416:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( dup_id, "search_try_DS %d dup_try_DS %d", try_index, dup_index);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1784:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "It has %d CLASSES with WEIGHTS", clsf->n_classes);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1791:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, " %d", *(temp_num_ptr + i));
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1813:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " exp(%.1f) ", log_number);
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:1816:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "[= %.1e] ", safe_exp( log_number));
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:193:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_str[5], caller[] = "autoclass_search";
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:261:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  search_params_file_fp = fopen(search_params_file_ptr, "r");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:316:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "Do you want to continue {y/n} ");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:335:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  header_file_fp = fopen( header_file_ptr, "r");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:337:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  model_file_fp = fopen( model_file_ptr, "r");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:339:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  log_file_fp = fopen( log_file_ptr, "a");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:408:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "Do you want to continue {y/n} ");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:433:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  search_file_fp = fopen( search_file_ptr, "r");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:595:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  log_file_fp = fopen( log_file_ptr, "a");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:632:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, " %d->%d(%d) ", latest_try->j_in, latest_try->j_out, search->n);
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:651:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(n_classes_explain, "as fixed at %d", fixed_j);
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:653:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(n_classes_explain, "off of list: (");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:655:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp_str, " %d", start_j_list[i]);
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:658:11: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(n_classes_explain, " )");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:731:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(stop_reason, "you asked me to");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:733:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(stop_reason, "max duration has expired");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:735:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(stop_reason, "max number of tries reached");
data/autoclass-3.3.6.dfsg.1/prog/struct-data.c:212:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  header_file_fp = fopen( header_file, "r");
data/autoclass-3.3.6.dfsg.1/prog/struct-model.c:79:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  model_file_fp = fopen( model_file, "r");
data/autoclass-3.3.6.dfsg.1/prog/utils-math.c:85:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num = atoi(string_num);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:111:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char time_string[50];
data/autoclass-3.3.6.dfsg.1/prog/utils.c:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_string[20];
data/autoclass-3.3.6.dfsg.1/prog/utils.c:149:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(time_string," 0 seconds");
data/autoclass-3.3.6.dfsg.1/prog/utils.c:673:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char t1[STRLIMIT], t2[STRLIMIT];
data/autoclass-3.3.6.dfsg.1/prog/utils.c:676:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  sprintf(t1, "%s", (char *) G_plist[i][0]);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:677:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  sprintf(t2, "%s", (char *) G_plist[i][1]);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:984:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( str, "%d", *i_list);
data/autoclass-3.3.6.dfsg.1/prog/getparams.c:239:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(bp) == 0) || (strlen(bp) == strspn(bp, " "))) {
data/autoclass-3.3.6.dfsg.1/prog/getparams.c:239:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(bp) == 0) || (strlen(bp) == strspn(bp, " "))) {
data/autoclass-3.3.6.dfsg.1/prog/getparams.c:283:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen(name) >= PARAMNAMLEN)
data/autoclass-3.3.6.dfsg.1/prog/init.c:51:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( G_checkpoint_file, "");
data/autoclass-3.3.6.dfsg.1/prog/init.c:54:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( G_absolute_pathname, "");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:416:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trunc_index = (int) strlen( influence_report_pathname) - num_chars_to_trunc;
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:531:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trunc_index = (int) strlen( xref_case_report_pathname) - num_chars_to_trunc;
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:581:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  trunc_index = (int) strlen( xref_class_report_pathname) - num_chars_to_trunc;
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1100:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  diff = report_att_string->dscrp_length - strlen( report_att_string->att_dscrp);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1274:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dscrp_length = strlen( att_dscrp);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1283:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( translations[n_trans]) >
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1285:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  report_attribute_strings[i]->dscrp_length = strlen( translations[n_trans]);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1404:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (*attribute_formats_ptr)[i][strlen( (*attribute_formats_ptr)[i]) -1] =
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1409:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (*attribute_formats_ptr)[i][strlen( (*attribute_formats_ptr)[i]) -1] =
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1579:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( str, "");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:1584:15: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( str, output[n_att].att_dscrp_ptr, 55));
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2337:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( type_letter, "D");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2339:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( type_letter, "I");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2341:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( type_letter, "R");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2347:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  descrp_length = strlen( description);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2357:19: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strcat( strcat( strncat( temp, description, line_length),
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2454:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( discrete_string_name,
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2459:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  name_length = strlen( discrete_string_name);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2508:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(header_prefix, header, 14);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2510:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, " ");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2520:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((i == 1) && ((int) strlen( description) > line_length))
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2600:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (((int) strlen( description) > line_length) ||
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2614:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(header_prefix, header, 14);
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2616:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, " ");
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2628:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( description) <= line_length)
data/autoclass-3.3.6.dfsg.1/prog/intf-reports.c:2860:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( (char *) filtered_numeric_string, e_format_string, char_cnt);
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:277:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(errors->unspecified_dummy_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:278:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(errors->single_valued_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:406:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(errors->unspecified_dummy_warning) != 0)
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:452:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(errors->single_valued_warning) != 0) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:460:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( msg) > (msg_length - 1)) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:462:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  caller, (int) strlen( msg), (msg_length - 1));
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:483:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(msg, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:487:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msg_length = strlen( msg) + strlen( str) +
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:487:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  msg_length = strlen( msg) + strlen( str) +
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:488:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen( errors->model_expander_errors[i]) + 1;
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:493:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( msg) > (msg_length - 1)) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:495:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  caller, (int) strlen( msg), (msg_length - 1));
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:629:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(errors->unspecified_dummy_warning) != 0)
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:637:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(errors->single_valued_warning) != 0)
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:643:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (((int) strlen(warning_msgs) > 0) || ((int) strlen(error_msgs) > 0)) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:643:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (((int) strlen(warning_msgs) > 0) || ((int) strlen(error_msgs) > 0)) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:656:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen(warning_msgs) > 0)
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:658:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen(error_msgs) > 0)
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1163:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( dscrp_ptr) >= SHORT_STRING_LENGTH) {
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1231:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(weds->unspecified_dummy_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1232:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(weds->single_valued_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1535:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(value) == 1) && (value[0] == d_base->unknown_token))
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1593:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  attribute->translations[val] = (char *) malloc( strlen( value) + 1);
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1645:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(form, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1668:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (char *) malloc((strlen(form) + 1) * sizeof(char));
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1670:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(form, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1705:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i = 0, str_len = strlen(s1), n_char, comment_p = FALSE, in_string_p = FALSE;
data/autoclass-3.3.6.dfsg.1/prog/io-read-data.c:1774:39: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (i=0; i<(string_limit-1) && ((c=fgetc(stream)) != EOF) && (c != '\n'); i++)
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:196:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( ((c = fgetc(stream)) != EOF) && (c !='(' ));
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:215:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( ((c = fgetc(stream)) != EOF) && ( c !=')' ) );
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:235:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ( (c=fgetc(stream)) != EOF && c != '(' );
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:248:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(list[*num - 1], "(");
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:249:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen(temp) > 1) /* has number too*/
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:262:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  list[*num - 1] = (char *) malloc((strlen(temp)+1) * sizeof(char));
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:265:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(temp, ")" );
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:272:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  list[*num - 1] = (char *) malloc((strlen(temp)+1) * sizeof(char));
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:278:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while( (c=fgetc(stream)) != EOF && c != '\n' && c != ')' );
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:347:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( model->data_file, "");
data/autoclass-3.3.6.dfsg.1/prog/io-read-model.c:348:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( model->header_file, "");
data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:81:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  safe_fwrite( results_fp, str, strlen( str), CHAR_TYPE, caller);
data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:86:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  safe_fwrite( results_fp, str, strlen( str), CHAR_TYPE, caller);
data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:90:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  safe_fwrite( results_fp, str, strlen( str), CHAR_TYPE, caller);
data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:118:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  safe_fwrite( results_fp, db_string, strlen( db_string), CHAR_TYPE, caller);
data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:126:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
safe_fwrite( results_fp, model_num_string, strlen( model_num_string), data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:195:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( att_info->translations[i]), CHAR_TYPE, caller); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:202:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). safe_fwrite( results_fp, props_string, strlen( props_string), CHAR_TYPE, caller); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:207:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). safe_fwrite( results_fp, props_string, strlen( props_string), CHAR_TYPE, caller); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:212:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). safe_fwrite( results_fp, props_string, strlen( props_string), CHAR_TYPE, caller); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:228:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ? 4 : strlen( warnings_and_errors->unspecified_dummy_warning), data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:234:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ? 
4 : strlen( warnings_and_errors->single_valued_warning), data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:239:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( warnings_and_errors->model_expander_warnings[i]), data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:243:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen( warnings_and_errors->model_expander_errors[i]), data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:480:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). token_length = strlen( token2); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:757:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( att->warnings_and_errors->unspecified_dummy_warning, ""); data/autoclass-3.3.6.dfsg.1/prog/io-results-bin.c:765:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy( att->warnings_and_errors->single_valued_warning, ""); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:519:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (j=0; j < strlen( line); j++) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:529:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j=0; j < strlen( line); j++) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:952:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen( file_arg) > (STRLIMIT - 1)) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:963:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat( *file_ptr, file_arg, strlen( file_arg) - strlen( file_arg_ext)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:963:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat( *file_ptr, file_arg, strlen( file_arg) - strlen( file_arg_ext)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:963:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat( *file_ptr, file_arg, strlen( file_arg) - strlen( file_arg_ext)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:964:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. 
strncat( *file_ptr, file_ext, strlen( file_ext)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:964:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat( *file_ptr, file_ext, strlen( file_ext)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1008:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen( file_pathname) > (STRLIMIT - 1)) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1022:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). file_arg_ext_length = (int) strlen( file_arg_ext); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1025:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (file_arg_ext_length == (int) strlen( RESULTS_FILE_TYPE))) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1030:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (file_arg_ext_length == (int) strlen( RESULTS_BINARY_FILE_TYPE))) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1037:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (file_arg_ext_length == (int) strlen( CHECKPOINT_FILE_TYPE))) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1042:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(file_arg_ext_length == (int) strlen( CHECKPOINT_BINARY_FILE_TYPE))) { data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1053:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat( file, file_pathname, strlen( file_pathname) - file_arg_ext_length); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1053:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat( file, file_pathname, strlen( file_pathname) - file_arg_ext_length); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1054:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat( binary_file, file_pathname, strlen( file_pathname) - file_arg_ext_length); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1054:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat( binary_file, file_pathname, strlen( file_pathname) - file_arg_ext_length); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1056:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat( file, RESULTS_FILE_TYPE, strlen( RESULTS_FILE_TYPE)); data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1056:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  strncat( file, RESULTS_FILE_TYPE, strlen( RESULTS_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1057:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( binary_file, RESULTS_BINARY_FILE_TYPE, strlen( RESULTS_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1057:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( binary_file, RESULTS_BINARY_FILE_TYPE, strlen( RESULTS_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1060:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( file, CHECKPOINT_FILE_TYPE, strlen( CHECKPOINT_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1060:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( file, CHECKPOINT_FILE_TYPE, strlen( CHECKPOINT_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1061:7:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( binary_file, CHECKPOINT_BINARY_FILE_TYPE, strlen( CHECKPOINT_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1061:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( binary_file, CHECKPOINT_BINARY_FILE_TYPE, strlen( CHECKPOINT_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1127:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((int) strlen( file_pathname) > (STRLIMIT - 1)) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1142:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  file_arg_ext_length = (int) strlen( file_arg_ext);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1144:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (file_arg_ext_length == (int) strlen( DATA_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1149:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (file_arg_ext_length == (int) strlen( DATA_BINARY_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1154:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( file, file_pathname, strlen( file_pathname) - file_arg_ext_length);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1154:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( file, file_pathname, strlen( file_pathname) - file_arg_ext_length);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1155:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( binary_file, file_pathname, strlen( file_pathname) - file_arg_ext_length);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1155:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( binary_file, file_pathname, strlen( file_pathname) - file_arg_ext_length);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1156:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( file, DATA_FILE_TYPE, strlen( DATA_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1156:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( file, DATA_FILE_TYPE, strlen( DATA_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1157:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( binary_file, DATA_BINARY_FILE_TYPE, strlen( DATA_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1157:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( binary_file, DATA_BINARY_FILE_TYPE, strlen( DATA_BINARY_FILE_TYPE));
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1226:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ((int) strlen( file_ext_addr) == (int) strlen( RESULTS_BINARY_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1226:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ((int) strlen( file_ext_addr) == (int) strlen( RESULTS_BINARY_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1241:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ((int) strlen( file_ext_addr) == (int) strlen( CHECKPOINT_BINARY_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1241:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ((int) strlen( file_ext_addr) == (int) strlen( CHECKPOINT_BINARY_FILE_TYPE))) {
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1292:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token_length = strlen( token2);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1732:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  att->translations[i] = (char *) malloc( strlen( token2) + 1);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1746:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  token_ptr = (char *) malloc( strlen( token1) + 1);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1759:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string_value = (char *) malloc( strlen( token3) + 1);
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1782:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( att->warnings_and_errors->unspecified_dummy_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/io-results.c:1786:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( att->warnings_and_errors->single_valued_warning, "");
data/autoclass-3.3.6.dfsg.1/prog/model-transforms.c:41:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( str, "\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control-2.c:341:4:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(str, "\n");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:725:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( reconverge_type, "");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:737:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(stop_reason, "");
data/autoclass-3.3.6.dfsg.1/prog/search-control.c:741:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( reconverge_type, "");
data/autoclass-3.3.6.dfsg.1/prog/struct-data.c:151:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(temp->data_file, "");
data/autoclass-3.3.6.dfsg.1/prog/struct-data.c:152:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(temp->header_file, "");
data/autoclass-3.3.6.dfsg.1/prog/utils-math.c:70:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string_length = strlen(string_num);
data/autoclass-3.3.6.dfsg.1/prog/utils-math.c:100:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  string_length = strlen(string_num);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:95:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  date_time_string_ptr[strlen(date_time_string_ptr) - 1] = '\0';
data/autoclass-3.3.6.dfsg.1/prog/utils.c:570:7:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getc(stdin);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:644:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i, l1 = strlen(str), l2 = strlen(substr);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:644:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i, l1 = strlen(str), l2 = strlen(substr);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:894:7:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(stream);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:902:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(stream);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:919:16:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (((c = fgetc(stream)) != '\n') && (c != '\r') &&
data/autoclass-3.3.6.dfsg.1/prog/utils.c:935:7:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(stream);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:937:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(stream);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:939:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(stream);
data/autoclass-3.3.6.dfsg.1/prog/utils.c:958:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int i, length = strlen(str);

ANALYSIS SUMMARY:

Hits = 619
Lines analyzed = 24546 in approximately 0.86 seconds (28452 lines/second)
Physical Source Lines of Code (SLOC) = 16803
Hits@level = [0] 660 [1] 154 [2] 249 [3]  16 [4] 200 [5]   0
Hits@level+ = [0+] 1279 [1+] 619 [2+] 465 [3+] 216 [4+] 200 [5+]   0
Hits/KSLOC@level+ = [0+] 76.1174 [1+] 36.8387 [2+] 27.6736 [3+] 12.8548 [4+] 11.9026 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
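Triage note on the strncat and strlen hits in this report. flawfinder flags every strncat whose bound is computed rather than derived from the destination size, and the io-results.c calls of the form strncat(dst, src, strlen(src)) are the case it has in mind: the third argument limits how much of src is copied, not how much room dst has, so such a call bounds nothing that strcat would not. Whether those calls can overflow depends on the sizes of file, binary_file and *file_ptr, which the report does not show; the strlen(...) > (STRLIMIT - 1) checks at io-results.c:952, 1008 and 1127 suggest the inputs are bounded against a STRLIMIT-sized buffer, and confirming that the bound actually matches the destination is the review step each of these [1] hits asks for. The CWE-126 strlen hits are a concern only where the argument might not be NUL-terminated, and a bounded scan settles that. The following added example (not autoclass code; its function names and buffer sizes are hypothetical) computes the check a reviewer does by hand, appends with a correctly derived strncat bound, and rebuilds a filename with a replaced extension via snprintf, which reports truncation instead of overflowing.

```c
/*
 * Added illustration for the strncat/strlen hits in this report; not code
 * from autoclass. Function names and buffer sizes are hypothetical.
 *
 * strncat(dst, src, n) copies at most n bytes of src and then writes a NUL.
 * n is a limit on the SOURCE, so strncat(dst, src, strlen(src)) has the same
 * bounds as strcat(dst, src). The bound that protects dst is
 * sizeof dst - strlen(dst) - 1, and it only helps if dst is NUL-terminated.
 */
#include <stdio.h>
#include <string.h>

/* Length of s, scanning at most max bytes: the bounded scan that the CWE-126
 * strlen hits call for. Returns max if no NUL was found within max bytes. */
size_t bounded_len(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* The check a reviewer does by hand for each strncat(dst, src, strlen(src))
 * hit: does strlen(dst) + strlen(src) + 1 fit in dst_size?
 * Returns 1 if the call stays in bounds, 0 if it would overflow or if dst
 * itself is not NUL-terminated within dst_size. */
int strncat_fits(const char *dst, size_t dst_size, const char *src)
{
    size_t used = bounded_len(dst, dst_size);
    if (used == dst_size)
        return 0;
    return strlen(src) < dst_size - used;
}

/* Append with the correctly derived strncat bound. Returns 0 on success;
 * -1, with dst unchanged, if src does not fit. */
int append_bounded(char *dst, size_t dst_size, const char *src)
{
    if (!strncat_fits(dst, dst_size, src))
        return -1;
    strncat(dst, src, dst_size - strlen(dst) - 1);
    return 0;
}

/* The io-results.c pattern (strip a known extension, append another) done
 * with snprintf: "%.*s" copies the stem without a temporary buffer and the
 * return value says whether the result was truncated. Returns 0 on success;
 * -1 if pathname does not end in old_ext or out_size is too small (out is
 * then an empty string, never a partial name). */
int replace_extension(char *out, size_t out_size, const char *pathname,
                      const char *old_ext, const char *new_ext)
{
    size_t plen = strlen(pathname), elen = strlen(old_ext);
    int n;

    if (out_size == 0)
        return -1;
    if (plen < elen || strcmp(pathname + plen - elen, old_ext) != 0) {
        out[0] = '\0';
        return -1;
    }
    n = snprintf(out, out_size, "%.*s%s", (int)(plen - elen), pathname, new_ext);
    if (n < 0 || (size_t)n >= out_size) {
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char name[32], small[8] = "abc";

    if (replace_extension(name, sizeof name, "run1.model", ".model", ".results") == 0)
        printf("%s\n", name);
    printf("appending \"defghij\" to \"abc\" in 8 bytes fits: %d\n",
           strncat_fits(small, sizeof small, "defghij"));
    printf("appending \"defg\": %d -> \"%s\"\n",
           append_bounded(small, sizeof small, "defg"), small);
    return 0;
}
```

strncat_fits is the arithmetic to carry out for each flagged io-results.c line once the destination declaration is known; if the destination is STRLIMIT bytes and the inputs were already rejected above STRLIMIT - 1, the remaining question is whether the appended extension still fits, which is exactly what the snprintf version answers at run time.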
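The fgetc and getc hits in this report (io-read-data.c:1774 and the io-read-model.c and utils.c loops) are flagged because a loop that stores what it reads can overrun its buffer; a loop that only skips to a delimiter, such as the io-read-model.c while ((c = fgetc(stream)) != EOF && c != ')') forms, stores nothing and cannot. The io-read-data.c:1774 loop tests i < (string_limit - 1) before calling fgetc and is the bounded shape to keep. The following added example (not autoclass code; the function names and the sample input are constructed for the illustration) keeps that shape and adds the step such loops often omit: when a line does not fit, it drains the remainder and reports the truncation, so the caller can reject the record rather than parse a silent prefix of it and resume mid-line on the next read.

```c
/*
 * Added illustration for the fgetc hits in this report; not autoclass code.
 * Function names and the sample input are hypothetical.
 */
#include <stdio.h>
#include <string.h>

/* Read one line into buf (capacity limit >= 2), storing at most limit-1
 * bytes and always NUL-terminating. When the line does not fit, the excess
 * is consumed and *truncated is set, so the caller can reject the record
 * instead of silently processing a prefix of it.
 * Returns the number of bytes stored, or -1 at end of input. */
long read_line_bounded(FILE *stream, char *buf, size_t limit, int *truncated)
{
    size_t i;
    int c = EOF;

    *truncated = 0;
    if (limit < 2)
        return -1;
    /* The capacity test comes first, so fgetc is never called once the
     * buffer is full; this is the ordering the io-read-data.c loop uses. */
    for (i = 0; i < limit - 1; i++) {
        c = fgetc(stream);
        if (c == EOF || c == '\n')
            break;
        buf[i] = (char)c;
    }
    buf[i] = '\0';
    if (i == limit - 1) {
        /* Buffer full: skip to the newline (or EOF) without storing. */
        while ((c = fgetc(stream)) != EOF && c != '\n')
            *truncated = 1;
    }
    if (i == 0 && c == EOF)
        return -1;
    return (long)i;
}

/* Constructed sample input (not taken from any autoclass data file). */
static const char SAMPLE_INPUT[] =
    "short\n"
    "this line is much longer than the sixteen-byte buffer\n"
    "exactly15chars!\n"   /* 15 bytes: fills a 16-byte buffer, not truncated */
    "last";               /* final line without a newline */

/* Reads SAMPLE_INPUT through a 16-byte buffer. Fills lens[] and trunc[]
 * (both sized for max_lines entries); returns the number of lines read,
 * or -1 if no scratch file could be created. */
int read_sample(size_t max_lines, long *lens, int *trunc)
{
    char buf[16];
    int n = 0;
    FILE *f = tmpfile();   /* ISO C scratch file; avoids relying on fmemopen */

    if (f == NULL)
        return -1;
    fputs(SAMPLE_INPUT, f);
    rewind(f);
    while ((size_t)n < max_lines) {
        long got = read_line_bounded(f, buf, sizeof buf, &trunc[n]);
        if (got < 0)
            break;
        lens[n++] = got;
    }
    fclose(f);
    return n;
}

int main(void)
{
    long lens[4];
    int trunc[4];
    int n = read_sample(4, lens, trunc);

    for (int k = 0; k < n; k++)
        printf("line %d: %ld bytes stored%s\n", k, lens[k],
               trunc[k] ? " (truncated, rest of line discarded)" : "");
    return 0;
}
```

The second sample line is where an unbounded loop would write past the buffer and where a bounded loop without the drain would hand the next caller the tail of the same line; the third line shows that a line of exactly limit-1 bytes is not reported as truncated.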