Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/fasttree-2.1.11/fasttree.c

FINAL RESULTS:

data/fasttree-2.1.11/fasttree.c:1969:23:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if(tophitsMult>0) sprintf(tophitString,"%.2f*sqrtN close=%s refresh=%.2f",

data/fasttree-2.1.11/fasttree.c:2545:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, format, i1, i2, i3, i4);

data/fasttree-2.1.11/fasttree.c:2577:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fpLog, format, i);

data/fasttree-2.1.11/fasttree.c:3593:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, bQuote ? "('%s':0.0" : "(%s:0.0", names[first]);

data/fasttree-2.1.11/fasttree.c:3597:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, bQuote ? ",'%s':0.0" : ",%s:0.0", names[iName]);

data/fasttree-2.1.11/fasttree.c:3623:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, bQuote ? "'%s'" : "%s", names[first]);

data/fasttree-2.1.11/fasttree.c:3625:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, bQuote ? "('%s':0.0" : "(%s:0.0", names[first]);

data/fasttree-2.1.11/fasttree.c:3629:4:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, bQuote ? ",'%s':0.0" : ",%s:0.0", names[iName]);

data/fasttree-2.1.11/fasttree.c:3640:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, ":" FP_FORMAT, NJ->branchlength[node]);

data/fasttree-2.1.11/fasttree.c:3645:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, ")%.3f:" FP_FORMAT, NJ->support[node], NJ->branchlength[node]);

data/fasttree-2.1.11/fasttree.c:3647:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fp, "):" FP_FORMAT, NJ->branchlength[node]);

data/fasttree-2.1.11/fasttree.c:4696:10:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if(sscanf(field,ScanNumericSpec,&codes[iLine][iColumn]) != 1) {

data/fasttree-2.1.11/fasttree.c:4712:9:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (fscanf(fp,ScanNumericSpec,&codes[i]) != 1) {

data/fasttree-2.1.11/fasttree.c:4732:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buffer, prefix);

data/fasttree-2.1.11/fasttree.c:4736:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buffer, prefix);

data/fasttree-2.1.11/fasttree.c:4740:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buffer, prefix);

data/fasttree-2.1.11/fasttree.c:6385:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "%s NNI round %%d of %%d, %%d of %%d splits", useML ? "ML" : "ME");

data/fasttree-2.1.11/fasttree.c:1067:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  /*OPTIONAL*/char *constraintSeqs, int nConstraints,

data/fasttree-2.1.11/fasttree.c:1489:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  double ftol, double atol,

data/fasttree-2.1.11/fasttree.c:1493:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  double ftol, double atol,

data/fasttree-2.1.11/fasttree.c:1702:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  verbose = atoi(argv[++iArg]);

data/fasttree-2.1.11/fasttree.c:1727:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nAlign = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1749:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nBootstrap = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1754:19:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  long seed = atol(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1788:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nni = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1793:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  spr = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1796:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxSPRLength = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1799:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  MLnni = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1838:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mlAccuracy = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1849:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nRateCats = atoi(argv[iArg]);

data/fasttree-2.1.11/fasttree.c:1902:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpOut = fopen(argv[iArg],"w");

data/fasttree-2.1.11/fasttree.c:1944:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpLog = fopen(logfile, "w");

data/fasttree-2.1.11/fasttree.c:1966:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tophitString[100] = "no";

data/fasttree-2.1.11/fasttree.c:1967:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tophitsCloseStr[100] = "default";

data/fasttree-2.1.11/fasttree.c:1968:26:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if(tophitsClose > 0) sprintf(tophitsCloseStr,"%.2f",tophitsClose);

data/fasttree-2.1.11/fasttree.c:1971:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char supportString[100] = "none";

data/fasttree-2.1.11/fasttree.c:1974:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(supportString, "SH-like %d", nBootstrap);

data/fasttree-2.1.11/fasttree.c:1976:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(supportString,"Local boot %d",nBootstrap);

data/fasttree-2.1.11/fasttree.c:1978:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nniString[100] = "(no NNI)";

data/fasttree-2.1.11/fasttree.c:1980:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(nniString, "+NNI (%d rounds)", nni);

data/fasttree-2.1.11/fasttree.c:1982:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(nniString, "+NNI");

data/fasttree-2.1.11/fasttree.c:1983:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sprString[100] = "(no SPR)";

data/fasttree-2.1.11/fasttree.c:1985:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sprString, "+SPR (%d rounds range %d)", spr, maxSPRLength);

data/fasttree-2.1.11/fasttree.c:1986:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mlnniString[100] = "(no ML-NNI)";

data/fasttree-2.1.11/fasttree.c:1988:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mlnniString, "+ML-NNI (%d rounds)", MLnni);

data/fasttree-2.1.11/fasttree.c:1990:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mlnniString, "+ML-NNI");

data/fasttree-2.1.11/fasttree.c:1992:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mlnniString, "+ML branch lengths");

data/fasttree-2.1.11/fasttree.c:1994:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(mlnniString, " approx");

data/fasttree-2.1.11/fasttree.c:1996:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mlnniString+strlen(mlnniString), " opt-each=%d",mlAccuracy);

data/fasttree-2.1.11/fasttree.c:2059:35:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fpIn = fileName != NULL ? fopen(fileName, "r") : stdin;

data/fasttree-2.1.11/fasttree.c:2066:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpConstraints = fopen(constraintsFile, "r");

data/fasttree-2.1.11/fasttree.c:2075:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpInTree = fopen(intreeFile,"r");

data/fasttree-2.1.11/fasttree.c:3183:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFFER_SIZE];

data/fasttree-2.1.11/fasttree.c:3674:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFFER_SIZE] = "";

data/fasttree-2.1.11/fasttree.c:3947:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  /*OPTIONAL*/char *constraintSeq, int nConstraints,

data/fasttree-2.1.11/fasttree.c:3950:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char charToCode[256];

data/fasttree-2.1.11/fasttree.c:4650:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[BUFFER_SIZE] = "";

data/fasttree-2.1.11/fasttree.c:4651:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "r");

data/fasttree-2.1.11/fasttree.c:4705:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename,"r");

data/fasttree-2.1.11/fasttree.c:4724:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[BUFFER_SIZE];

data/fasttree-2.1.11/fasttree.c:4733:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buffer, ".distances");

data/fasttree-2.1.11/fasttree.c:4737:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buffer, ".inverses");

data/fasttree-2.1.11/fasttree.c:4741:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buffer, ".eigenvalues");

data/fasttree-2.1.11/fasttree.c:6384:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];

data/fasttree-2.1.11/fasttree.c:6387:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf+strlen(buf), ", %d changes", nNNIThisRound);

data/fasttree-2.1.11/fasttree.c:6389:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf+strlen(buf), " (max delta %.3f)", *dMaxDelta);

data/fasttree-2.1.11/fasttree.c:8179:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(/*to*/mergeList, /*from*/uniqueList, nUnique * sizeof(besthit_t));

data/fasttree-2.1.11/fasttree.c:8751:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[100];

data/fasttree-2.1.11/fasttree.c:8752:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, ", OpenMP (%d threads)", omp_get_max_threads());

data/fasttree-2.1.11/fasttree.c:8805:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(/*to*/new, /*from*/data, sz);

data/fasttree-2.1.11/fasttree.c:8866:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  double ftol, double atol,

data/fasttree-2.1.11/fasttree.c:8894:22:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  || fabs(a-b) < atol) {

data/fasttree-2.1.11/fasttree.c:8963:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  double ftol, double atol,

data/fasttree-2.1.11/fasttree.c:9009:42:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  optx = brent(ax, bx, cx, f, data, ftol, atol, fx, f2x, fa, fb, fc);

data/fasttree-2.1.11/fasttree.c:10047:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[BUFFER_SIZE];

data/fasttree-2.1.11/fasttree.c:10048:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "r");

data/fasttree-2.1.11/fasttree.c:10053:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char expected[2*MAXCODES+20];

data/fasttree-2.1.11/fasttree.c:1690:5:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fgetc(stdin);

data/fasttree-2.1.11/fasttree.c:1996:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mlnniString+strlen(mlnniString), " opt-each=%d",mlAccuracy);

data/fasttree-2.1.11/fasttree.c:3186:12:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (c = fgetc(fp); c != EOF; c = fgetc(fp)) {

data/fasttree-2.1.11/fasttree.c:3186:37:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (c = fgetc(fp); c != EOF; c = fgetc(fp)) {

data/fasttree-2.1.11/fasttree.c:3710:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  names[nSeq-1] = (char*)mymemdup(buf+1,strlen(buf));

data/fasttree-2.1.11/fasttree.c:3724:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int nOld = (seqs[nSeq-1] == NULL) ? 0 : strlen(seqs[nSeq-1]);

data/fasttree-2.1.11/fasttree.c:3822:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int seqlen = strlen(seqs[iSeq]);

data/fasttree-2.1.11/fasttree.c:3836:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (iSeq == nSeq && strlen(seqs[0]) == nPos)

data/fasttree-2.1.11/fasttree.c:3848:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int seqlen = strlen(seqs[i]);

data/fasttree-2.1.11/fasttree.c:3901:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  aln->names[i] = myfree(aln->names[i],strlen(aln->names[i])+1);

data/fasttree-2.1.11/fasttree.c:3966:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(seq) == nPos);

data/fasttree-2.1.11/fasttree.c:3990:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert(strlen(constraintSeq) == nConstraints);

data/fasttree-2.1.11/fasttree.c:4727:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(prefix) > BUFFER_SIZE-20) {

data/fasttree-2.1.11/fasttree.c:6387:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(buf+strlen(buf), ", %d changes", nNNIThisRound);

data/fasttree-2.1.11/fasttree.c:6389:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(buf+strlen(buf), " (max delta %.3f)", *dMaxDelta);

data/fasttree-2.1.11/fasttree.c:10078:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (field == NULL || strlen(field) != 1 || field[0] != codesStringAA[i]) {

ANALYSIS SUMMARY:

Hits = 93
Lines analyzed = 10304 in approximately 0.44 seconds (23570 lines/second)
Physical Source Lines of Code (SLOC) = 8064
Hits@level = [0] 340 [1] 16 [2] 60 [3] 0 [4] 17 [5] 0
Hits@level+ = [0+] 433 [1+] 93 [2+] 77 [3+] 17 [4+] 17 [5+] 0
Hits/KSLOC@level+ = [0+] 53.6954 [1+] 11.5327 [2+] 9.54861 [3+] 2.10813 [4+] 2.10813 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.