Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/galib-2.4.7/examples/ex1.C
Examining data/galib-2.4.7/examples/ex10.C
Examining data/galib-2.4.7/examples/ex11.C
Examining data/galib-2.4.7/examples/ex12.C
Examining data/galib-2.4.7/examples/ex13.C
Examining data/galib-2.4.7/examples/ex14.C
Examining data/galib-2.4.7/examples/ex15.C
Examining data/galib-2.4.7/examples/ex16.C
Examining data/galib-2.4.7/examples/ex17.C
Examining data/galib-2.4.7/examples/ex18.C
Examining data/galib-2.4.7/examples/ex19.C
Examining data/galib-2.4.7/examples/ex2.C
Examining data/galib-2.4.7/examples/ex20.C
Examining data/galib-2.4.7/examples/ex21.C
Examining data/galib-2.4.7/examples/ex22.C
Examining data/galib-2.4.7/examples/ex23.C
Examining data/galib-2.4.7/examples/ex24.C
Examining data/galib-2.4.7/examples/ex25.C
Examining data/galib-2.4.7/examples/ex26.C
Examining data/galib-2.4.7/examples/ex27.C
Examining data/galib-2.4.7/examples/ex3.C
Examining data/galib-2.4.7/examples/ex4.C
Examining data/galib-2.4.7/examples/ex5.C
Examining data/galib-2.4.7/examples/ex6.C
Examining data/galib-2.4.7/examples/ex7.C
Examining data/galib-2.4.7/examples/ex8.C
Examining data/galib-2.4.7/examples/ex9.C
Examining data/galib-2.4.7/examples/gnu/AllocRing.cc
Examining data/galib-2.4.7/examples/gnu/AllocRing.h
Examining data/galib-2.4.7/examples/gnu/bitand.c
Examining data/galib-2.4.7/examples/gnu/bitany.c
Examining data/galib-2.4.7/examples/gnu/bitblt.c
Examining data/galib-2.4.7/examples/gnu/bitclear.c
Examining data/galib-2.4.7/examples/gnu/bitcopy.c
Examining data/galib-2.4.7/examples/gnu/bitcount.c
Examining data/galib-2.4.7/examples/gnu/bitdo1.h
Examining data/galib-2.4.7/examples/gnu/bitdo2.h
Examining data/galib-2.4.7/examples/gnu/bitinvert.c
Examining data/galib-2.4.7/examples/gnu/bitlcomp.c
Examining data/galib-2.4.7/examples/gnu/bitprims.h
Examining data/galib-2.4.7/examples/gnu/bitset1.c
Examining data/galib-2.4.7/examples/gnu/bitstr.C
Examining data/galib-2.4.7/examples/gnu/bitstr.h
Examining data/galib-2.4.7/examples/gnu/BitString.cc
Examining data/galib-2.4.7/examples/gnu/BitString.h
Examining data/galib-2.4.7/examples/gnu/bitxor.c
Examining data/galib-2.4.7/examples/gnu/builtin.cc
Examining data/galib-2.4.7/examples/gnu/builtin.h
Examining data/galib-2.4.7/examples/gnu/error.cc
Examining data/galib-2.4.7/examples/gnu/gnuex.C
Examining data/galib-2.4.7/examples/gnu/Obstack.cc
Examining data/galib-2.4.7/examples/gnu/Obstack.h
Examining data/galib-2.4.7/examples/graphic/gaview.C
Examining data/galib-2.4.7/examples/graphic/tspview.C
Examining data/galib-2.4.7/examples/pvmind/genome.C
Examining data/galib-2.4.7/examples/pvmind/genome.h
Examining data/galib-2.4.7/examples/pvmind/master.C
Examining data/galib-2.4.7/examples/pvmind/slave.C
Examining data/galib-2.4.7/examples/pvmpop/genome.C
Examining data/galib-2.4.7/examples/pvmpop/genome.h
Examining data/galib-2.4.7/examples/pvmpop/master.C
Examining data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C
Examining data/galib-2.4.7/examples/pvmpop/PVMDemeGA.h
Examining data/galib-2.4.7/examples/pvmpop/slave.C
Examining data/galib-2.4.7/examples/randtest.C
Examining data/galib-2.4.7/examples/seed.C
Examining data/galib-2.4.7/ga/ga.h
Examining data/galib-2.4.7/ga/GA1DArrayGenome.h
Examining data/galib-2.4.7/ga/GA1DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA1DBinStrGenome.h
Examining data/galib-2.4.7/ga/GA2DArrayGenome.h
Examining data/galib-2.4.7/ga/GA2DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA2DBinStrGenome.h
Examining data/galib-2.4.7/ga/GA3DArrayGenome.h
Examining data/galib-2.4.7/ga/GA3DBinStrGenome.C
Examining data/galib-2.4.7/ga/GA3DBinStrGenome.h
Examining data/galib-2.4.7/ga/GAAllele.C
Examining data/galib-2.4.7/ga/GAAllele.h
Examining data/galib-2.4.7/ga/GAArray.h
Examining data/galib-2.4.7/ga/GABaseGA.C
Examining data/galib-2.4.7/ga/GABaseGA.h
Examining data/galib-2.4.7/ga/GABin2DecGenome.C
Examining data/galib-2.4.7/ga/GABin2DecGenome.h
Examining data/galib-2.4.7/ga/gabincvt.C
Examining data/galib-2.4.7/ga/gabincvt.h
Examining data/galib-2.4.7/ga/GABinStr.C
Examining data/galib-2.4.7/ga/GABinStr.h
Examining data/galib-2.4.7/ga/gaconfig.h
Examining data/galib-2.4.7/ga/GADCrowdingGA.C
Examining data/galib-2.4.7/ga/GADCrowdingGA.h
Examining data/galib-2.4.7/ga/GADemeGA.C
Examining data/galib-2.4.7/ga/GADemeGA.h
Examining data/galib-2.4.7/ga/gaerror.C
Examining data/galib-2.4.7/ga/gaerror.h
Examining data/galib-2.4.7/ga/GAEvalData.h
Examining data/galib-2.4.7/ga/GAGenome.C
Examining data/galib-2.4.7/ga/GAGenome.h
Examining data/galib-2.4.7/ga/gaid.h
Examining data/galib-2.4.7/ga/GAIncGA.C
Examining data/galib-2.4.7/ga/GAIncGA.h
Examining data/galib-2.4.7/ga/GAList.C
Examining data/galib-2.4.7/ga/GAList.h
Examining data/galib-2.4.7/ga/GAListBASE.C
Examining data/galib-2.4.7/ga/GAListBASE.h
Examining data/galib-2.4.7/ga/GAListGenome.C
Examining data/galib-2.4.7/ga/GAListGenome.h
Examining data/galib-2.4.7/ga/GAMask.h
Examining data/galib-2.4.7/ga/GANode.h
Examining data/galib-2.4.7/ga/GAParameter.C
Examining data/galib-2.4.7/ga/GAParameter.h
Examining data/galib-2.4.7/ga/GAPopulation.C
Examining data/galib-2.4.7/ga/GAPopulation.h
Examining data/galib-2.4.7/ga/garandom.C
Examining data/galib-2.4.7/ga/garandom.h
Examining data/galib-2.4.7/ga/GARealGenome.C
Examining data/galib-2.4.7/ga/GARealGenome.h
Examining data/galib-2.4.7/ga/GAScaling.C
Examining data/galib-2.4.7/ga/GAScaling.h
Examining data/galib-2.4.7/ga/GASelector.C
Examining data/galib-2.4.7/ga/GASelector.h
Examining data/galib-2.4.7/ga/GASimpleGA.C
Examining data/galib-2.4.7/ga/GASimpleGA.h
Examining data/galib-2.4.7/ga/GASStateGA.C
Examining data/galib-2.4.7/ga/GASStateGA.h
Examining data/galib-2.4.7/ga/GAStatistics.C
Examining data/galib-2.4.7/ga/GAStatistics.h
Examining data/galib-2.4.7/ga/GAStringGenome.C
Examining data/galib-2.4.7/ga/GAStringGenome.h
Examining data/galib-2.4.7/ga/GATree.C
Examining data/galib-2.4.7/ga/GATree.h
Examining data/galib-2.4.7/ga/GATreeBASE.C
Examining data/galib-2.4.7/ga/GATreeBASE.h
Examining data/galib-2.4.7/ga/GATreeGenome.C
Examining data/galib-2.4.7/ga/GATreeGenome.h
Examining data/galib-2.4.7/ga/gatypes.h
Examining data/galib-2.4.7/ga/gaversion.h
Examining data/galib-2.4.7/ga/std_stream.h
Examining data/galib-2.4.7/ga/GA1DArrayGenome.C
Examining data/galib-2.4.7/ga/GA2DArrayGenome.C
Examining data/galib-2.4.7/ga/GA3DArrayGenome.C

FINAL RESULTS:

data/galib-2.4.7/examples/ex18.C:92:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filename, argv[i]);
data/galib-2.4.7/examples/ex3.C:74:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filename, argv[i]);
data/galib-2.4.7/examples/ex5.C:311:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filename1, argv[i]);
data/galib-2.4.7/examples/ex5.C:321:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filename2, argv[i]);
data/galib-2.4.7/examples/ex7.C:71:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(datafile, argv[i]);
data/galib-2.4.7/examples/ex7.C:81:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(parmfile, argv[i]);
data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C:305:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sn, slavename);
data/galib-2.4.7/examples/seed.C:44:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(filename, argv[i]);
data/galib-2.4.7/ga/GAParameter.C:34:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, fn);
data/galib-2.4.7/ga/GAParameter.C:40:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sname, sn);
data/galib-2.4.7/ga/GAParameter.C:63:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, orig.fname);
data/galib-2.4.7/ga/GAParameter.C:68:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sname, orig.sname);
data/galib-2.4.7/ga/GAParameter.C:98:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ptr, (char*)v);
data/galib-2.4.7/ga/GAParameter.C:407:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, buf);
data/galib-2.4.7/ga/GAParameter.C:470:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(_gaerrbuf1, name);
data/galib-2.4.7/ga/GAParameter.C:480:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(_gaerrbuf1, name);
data/galib-2.4.7/ga/GAParameter.C:613:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(_gaerrbuf1, argv[i]);
data/galib-2.4.7/ga/GAStatistics.C:49:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(scorefile, gaDefScoreFilename);
data/galib-2.4.7/ga/GAStatistics.C:134:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(scorefile, orig.scorefile);
data/galib-2.4.7/ga/GAStatistics.h:164:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(scorefile, filename);
data/galib-2.4.7/ga/gaconfig.h:430:46:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #error Unknown/untested compiler/operating system! Check these settings!
data/galib-2.4.7/ga/gaerror.C:78:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, clss);
data/galib-2.4.7/ga/gaerror.C:80:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:82:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg1);
data/galib-2.4.7/ga/gaerror.C:86:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:91:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:94:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(_gaerrbuf1, " %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:95:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/gaerror.C:105:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, clss);
data/galib-2.4.7/ga/gaerror.C:107:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:109:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, __gaErrStr[i]);
data/galib-2.4.7/ga/gaerror.C:113:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:118:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:121:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(_gaerrbuf1, " %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:122:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/gaerror.C:132:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, func);
data/galib-2.4.7/ga/gaerror.C:134:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, __gaErrStr[i]);
data/galib-2.4.7/ga/gaerror.C:138:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg2);
data/galib-2.4.7/ga/gaerror.C:143:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, msg3);
data/galib-2.4.7/ga/gaerror.C:146:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(_gaerrbuf1, " %s : %ld\n", loc.file, loc.line);
data/galib-2.4.7/ga/gaerror.C:147:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(gaErrMsg, _gaerrbuf1);
data/galib-2.4.7/ga/garandom.h:111:45:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #error It is usually a bad idea to use the system randum number generator!
data/galib-2.4.7/ga/garandom.h:112:27:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #error Be sure that your system generator works properly, then comment
data/galib-2.4.7/ga/garandom.h:120:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define _GA_RND random
data/galib-2.4.7/ga/garandom.h:121:29:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define _GA_RND_SEED srandom
data/galib-2.4.7/ga/garandom.h:126:29:  [3] (random) lrand48:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define _GA_RND lrand48
data/galib-2.4.7/ga/garandom.h:133:29:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define _GA_RND_SEED srand
data/galib-2.4.7/examples/ex1.C:38:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex10.C:71:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex10.C:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[32] = "sinusoid.dat";
data/galib-2.4.7/examples/ex10.C:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char popfilename1[32] = "pop.nospec.dat";
data/galib-2.4.7/examples/ex10.C:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char popfilename2[32] = "pop.genespec.dat";
data/galib-2.4.7/examples/ex10.C:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char popfilename3[32] = "pop.phenespec.dat";
data/galib-2.4.7/examples/ex10.C:117:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(popfilename1, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:141:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(popfilename2, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:165:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(popfilename3, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex10.C:181:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(filename, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex11.C:38:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex12.C:44:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex13.C:59:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex13.C:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex14.C:314:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nrobots = atoi(argv[i]);
data/galib-2.4.7/examples/ex14.C:324:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  listsize = atoi(argv[i]);
data/galib-2.4.7/examples/ex14.C:334:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[i]));
data/galib-2.4.7/examples/ex15.C:35:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex16.C:75:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex17.C:39:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex18.C:41:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex18.C:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex19.C:47:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex19.C:72:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  whichFunction = atoi(argv[i]) - 1;
data/galib-2.4.7/examples/ex2.C:40:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex20.C:157:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex21.C:43:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex22.C:137:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex22.C:173:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(ifile, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex22.C:197:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(ffile, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex22.C:207:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open(file, (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:49:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[jj]));
data/galib-2.4.7/examples/ex23.C:77:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open("popi.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:89:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open("popf.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex23.C:99:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open("sinusoid.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex24.C:171:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex24.C:200:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open("population.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex24.C:210:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outfile.open("sinusoid.dat", (STD_IOS_OUT | STD_IOS_TRUNC));
data/galib-2.4.7/examples/ex25.C:32:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex26.C:77:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seed = atoi(argv[ii]);
data/galib-2.4.7/examples/ex26.C:242:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char CM[MAX_TOWNS][MAX_TOWNS],visit[MAX_TOWNS];
data/galib-2.4.7/examples/ex26.C:372:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char CM1[MAX_TOWNS][MAX_TOWNS],CM2[MAX_TOWNS][MAX_TOWNS];
data/galib-2.4.7/examples/ex27.C:172:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[i]));
data/galib-2.4.7/examples/ex27.C:202:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  which = atoi(argv[i]);
data/galib-2.4.7/examples/ex3.C:42:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex3.C:63:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128] = "smiley.txt";
data/galib-2.4.7/examples/ex4.C:41:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex5.C:288:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  GARandomSeed((unsigned int)atoi(argv[ii]));
data/galib-2.4.7/examples/ex5.C:301:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename1[128] = "smiley.txt";
data/galib-2.4.7/examples/ex5.C:302:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename2[128] = "values.txt";
data/galib-2.4.7/examples/ex5.C:346:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
infile.open(filename1); data/galib-2.4.7/examples/ex5.C:371:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infile.open(filename2); data/galib-2.4.7/examples/ex6.C:52:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seed = atoi(argv[i]); data/galib-2.4.7/examples/ex7.C:36:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). GARandomSeed((unsigned int)atoi(argv[ii])); data/galib-2.4.7/examples/ex7.C:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datafile[128] = "smiley.txt"; data/galib-2.4.7/examples/ex7.C:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parmfile[128] = ""; data/galib-2.4.7/examples/ex8.C:48:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). GARandomSeed((unsigned int)atoi(argv[i])); data/galib-2.4.7/examples/ex9.C:37:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seed = atoi(argv[i]); data/galib-2.4.7/examples/gnu/BitString.cc:201:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rep->s, old->s, BitStr_len(old->len) * sizeof(_BS_word)); data/galib-2.4.7/examples/gnu/BitString.cc:238:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rep->s, src->s, news * sizeof(_BS_word)); data/galib-2.4.7/examples/gnu/Obstack.cc:84:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)new_chunk->contents, (void*)objectbase, obj_size); data/galib-2.4.7/examples/gnu/Obstack.h:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char contents[4]; data/galib-2.4.7/examples/gnu/Obstack.h:127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(nextfree, data, size); data/galib-2.4.7/examples/gnu/Obstack.h:135:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nextfree, data, size); data/galib-2.4.7/examples/gnu/bitcount.c:29:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char data/galib-2.4.7/examples/graphic/gaview.C:412:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char txt[62]; data/galib-2.4.7/examples/graphic/gaview.C:413:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txt, "%d", ga->generation()); data/galib-2.4.7/examples/graphic/gaview.C:418:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char txt[62]; data/galib-2.4.7/examples/graphic/gaview.C:419:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(txt, "%d", ga->generation()); data/galib-2.4.7/examples/graphic/gaview.C:767:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmRewind].bits, data/galib-2.4.7/examples/graphic/gaview.C:780:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmStop].bits, data/galib-2.4.7/examples/graphic/gaview.C:794:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmForwardStop].bits, data/galib-2.4.7/examples/graphic/gaview.C:809:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmFastForwardStop].bits, data/galib-2.4.7/examples/graphic/gaview.C:824:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmFastForward].bits, data/galib-2.4.7/examples/graphic/tspview.C:208:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
whichGA = atoi(argv[ii]); data/galib-2.4.7/examples/graphic/tspview.C:556:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char CM[MAX_TOWNS][MAX_TOWNS],visit[MAX_TOWNS]; data/galib-2.4.7/examples/graphic/tspview.C:638:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char CM1[MAX_TOWNS][MAX_TOWNS],CM2[MAX_TOWNS][MAX_TOWNS]; data/galib-2.4.7/examples/graphic/tspview.C:749:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmRewind].bits, data/galib-2.4.7/examples/graphic/tspview.C:761:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmStop].bits, data/galib-2.4.7/examples/graphic/tspview.C:775:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
(char *)bm[bmForward].bits, data/galib-2.4.7/examples/graphic/tspview.C:789:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmForwardStop].bits, data/galib-2.4.7/examples/graphic/tspview.C:804:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char *)bm[bmFastForward].bits, data/galib-2.4.7/examples/pvmind/genome.C:38:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[255]; data/galib-2.4.7/examples/pvmind/genome.C:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[255]; data/galib-2.4.7/examples/pvmind/master.C:66:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). length = atoi(argv[i]); data/galib-2.4.7/examples/pvmind/master.C:76:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). data.nreq = atoi(argv[i]); data/galib-2.4.7/examples/pvmpop/PVMDemeGA.C:304:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sn[32]; // PVM is not const-safe... data/galib-2.4.7/examples/pvmpop/genome.C:38:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[255]; data/galib-2.4.7/examples/randtest.C:62:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seed = atoi(argv[i]); data/galib-2.4.7/examples/seed.C:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128] = "smiley.txt"; data/galib-2.4.7/examples/seed.C:54:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
seed = atoi(argv[i]); data/galib-2.4.7/ga/GAAllele.C:449:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*)); data/galib-2.4.7/ga/GAAllele.C:463:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*)); data/galib-2.4.7/ga/GAAllele.C:478:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*)); data/galib-2.4.7/ga/GAAllele.C:493:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aset, tmp, sz * sizeof(GAAlleleSet<T>*)); data/galib-2.4.7/ga/GABaseGA.C:434:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpname[64]; data/galib-2.4.7/ga/GABaseGA.C:435:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmpname, value, strlen((char*)value)+1); data/galib-2.4.7/ga/GABin2DecGenome.C:44:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nbits, p.nbits, n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:45:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(oset, p.oset, n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:46:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(minval, p.minval, n*sizeof(float)); data/galib-2.4.7/ga/GABin2DecGenome.C:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(maxval, p.maxval, n*sizeof(float)); data/galib-2.4.7/ga/GABin2DecGenome.C:80:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nbits, p.nbits, n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:81:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(oset, p.oset, n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:82:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(minval, p.minval, n*sizeof(float)); data/galib-2.4.7/ga/GABin2DecGenome.C:83:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(maxval, p.maxval, n*sizeof(float)); data/galib-2.4.7/ga/GABin2DecGenome.C:106:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(core->nbits, nbtmp, core->n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:111:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(core->oset, ostmp, core->n*sizeof(unsigned short)); data/galib-2.4.7/ga/GABin2DecGenome.C:116:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(core->minval, mintmp, core->n*sizeof(float)); data/galib-2.4.7/ga/GABin2DecGenome.C:121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(core->maxval, maxtmp, core->n*sizeof(float)); data/galib-2.4.7/ga/GABinStr.C:30:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, orig.data, SZ*sizeof(GABit)); data/galib-2.4.7/ga/GABinStr.C:53:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, tmp, sz * sizeof(GABit)); data/galib-2.4.7/ga/GABinStr.h:54:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(data[r]), &(orig.data[x]), l*sizeof(GABit)); data/galib-2.4.7/ga/GADemeGA.C:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nrepl, ga.nrepl, npop * sizeof(int)); data/galib-2.4.7/ga/GADemeGA.C:258:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(deme, ptmp, n * sizeof(GAPopulation*)); data/galib-2.4.7/ga/GADemeGA.C:269:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(nrepl, rtmp, n * sizeof(int)); data/galib-2.4.7/ga/GADemeGA.C:277:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(deme, ptmp, npop * sizeof(GAPopulation*)); data/galib-2.4.7/ga/GADemeGA.C:290:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nrepl, rtmp, npop * sizeof(int)); data/galib-2.4.7/ga/GAMask.h:23:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_mask, m._mask, _n*sizeof(GA_MASK_TYPE)); data/galib-2.4.7/ga/GAParameter.C:253:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, tmp, n * sizeof(GAParameter*)); data/galib-2.4.7/ga/GAParameter.C:383:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[BUFSIZE]; data/galib-2.4.7/ga/GAParameter.C:384:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[NAMESIZE]; data/galib-2.4.7/ga/GAParameter.C:393:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
npairs = atoi(buf); data/galib-2.4.7/ga/GAParameter.C:428:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(buf); data/galib-2.4.7/ga/GAParameter.C:469:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(_gaerrbuf1, "unrecognized variable name '"); data/galib-2.4.7/ga/GAParameter.C:479:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(_gaerrbuf1, "variable "); data/galib-2.4.7/ga/GAParameter.C:481:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(_gaerrbuf1, " has no value"); data/galib-2.4.7/ga/GAParameter.C:482:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(_gaerrbuf2, "be sure there is a newline at end of the file"); data/galib-2.4.7/ga/GAParameter.C:550:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(argv[i]); data/galib-2.4.7/ga/GAParameter.C:565:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(argv[i]); data/galib-2.4.7/ga/GAParameter.C:612:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(_gaerrbuf1, "unrecognized name "); data/galib-2.4.7/ga/GAParameter.C:622:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(argv, argvout, argc*sizeof(char*)); data/galib-2.4.7/ga/GAPopulation.C:93:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sind, rind, N * sizeof(GAGenome*)); data/galib-2.4.7/ga/GAPopulation.C:156:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sind, rind, N * sizeof(GAGenome*)); data/galib-2.4.7/ga/GAPopulation.C:160:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  memcpy(indDiv, arg.indDiv, (N*N*sizeof(float)));

data/galib-2.4.7/ga/GAPopulation.C:235:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));

data/galib-2.4.7/ga/GAPopulation.C:263:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rind, tmp, oldsize*sizeof(GAGenome *));

data/galib-2.4.7/ga/GAPopulation.C:267:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sind, tmp, oldsize*sizeof(GAGenome *));

data/galib-2.4.7/ga/GAPopulation.C:274:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(indDiv[i*N]), &(tmpd[i*oldsize]), oldsize*sizeof(float));

data/galib-2.4.7/ga/GAPopulation.C:294:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rind, tmp, n*sizeof(GAGenome *));

data/galib-2.4.7/ga/GAPopulation.C:298:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sind, tmp, n*sizeof(GAGenome *));

data/galib-2.4.7/ga/GAPopulation.C:579:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));

data/galib-2.4.7/ga/GAPopulation.C:584:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rind, sind, N * sizeof(GAGenome*));

data/galib-2.4.7/ga/GAPopulation.C:643:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sind, rind, N * sizeof(GAGenome*));

data/galib-2.4.7/ga/GAPopulation.C:649:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rind, sind, N * sizeof(GAGenome*));

data/galib-2.4.7/ga/GAScaling.C:269:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d, s.d, N*N*sizeof(float));

data/galib-2.4.7/ga/GASelector.h:123:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(psum, sel.psum, n * sizeof(float));

data/galib-2.4.7/ga/GASelector.h:203:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fraction, sel.fraction, n * sizeof(float));

data/galib-2.4.7/ga/GASelector.h:204:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(choices, sel.choices, n * sizeof(unsigned int));

data/galib-2.4.7/ga/GASelector.h:254:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fraction, sel.fraction, n * sizeof(float));

data/galib-2.4.7/ga/GASelector.h:255:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(choices, sel.choices, n * sizeof(unsigned int));

data/galib-2.4.7/ga/GASelector.h:256:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(idx, sel.idx, n * sizeof(unsigned int));

data/galib-2.4.7/ga/GAStatistics.C:109:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  cscore = new float [Nconv]; memcpy(cscore, orig.cscore, Nconv*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:114:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(gen, orig.gen, Nscrs*sizeof(int));

data/galib-2.4.7/ga/GAStatistics.C:117:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(aveScore, orig.aveScore, Nscrs*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:120:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(maxScore, orig.maxScore, Nscrs*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:123:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(minScore, orig.minScore, Nscrs*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:126:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(devScore, orig.devScore, Nscrs*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:129:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(divScore, orig.divScore, Nscrs*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:349:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cscore, tmp, (nconv+1) * sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:352:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(cscore[Nconv-(nconv%Nconv)-1]), tmp,

data/galib-2.4.7/ga/GAStatistics.C:354:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cscore, &(tmp[(nconv%Nconv)+1]),

data/galib-2.4.7/ga/GAStatistics.C:360:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cscore, tmp, (nconv+1) * sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:364:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(cscore[n-(nconv%Nconv)-1]), tmp,

data/galib-2.4.7/ga/GAStatistics.C:366:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cscore, &(tmp[Nconv-(1+n-(nconv%Nconv))]), sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:369:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(cscore, &(tmp[1+(nconv%Nconv)-n]), n * sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:450:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(gen, tmpi, (n < Nscrs ? n : Nscrs)*sizeof(int));

data/galib-2.4.7/ga/GAStatistics.C:455:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(aveScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:460:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(maxScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:465:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(minScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:470:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(devScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));

data/galib-2.4.7/ga/GAStatistics.C:475:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(divScore, tmpf, (n < Nscrs ? n : Nscrs)*sizeof(float));

data/galib-2.4.7/ga/gabincvt.C:59:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(_gaerrbuf1,"string is %d bits, max is %d", nbits, _GA_MAX_BITS-1);

data/galib-2.4.7/ga/gabincvt.C:73:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(_gaerrbuf1,"string is %d bits, max is %d", nbits, _GA_MAX_BITS-1);

data/galib-2.4.7/ga/gabincvt.C:89:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(_gaerrbuf1,"desired: %f\tactual: %f\tdiscretization: %f",

data/galib-2.4.7/ga/gabincvt.C:91:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(_gaerrbuf2," nbits: %d\t\tmin: %f\t\tmax: %f",

data/galib-2.4.7/ga/gaerror.C:15:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gaErrMsg[512];

data/galib-2.4.7/ga/gaerror.C:16:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _gaerrbuf1[120];

data/galib-2.4.7/ga/gaerror.C:17:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _gaerrbuf2[120];

data/galib-2.4.7/ga/gaerror.C:79:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, "::");

data/galib-2.4.7/ga/gaerror.C:81:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, ":\n ");

data/galib-2.4.7/ga/gaerror.C:85:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/ga/gaerror.C:90:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/ga/gaerror.C:106:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, "::");

data/galib-2.4.7/ga/gaerror.C:108:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, ":\n ");

data/galib-2.4.7/ga/gaerror.C:112:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/ga/gaerror.C:117:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/ga/gaerror.C:133:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, ":\n ");

data/galib-2.4.7/ga/gaerror.C:137:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/ga/gaerror.C:142:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(gaErrMsg, " ");

data/galib-2.4.7/examples/ex14.C:55:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome& g) const;

data/galib-2.4.7/examples/ex14.C:56:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(istream & is);

data/galib-2.4.7/examples/ex14.C:116:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  RobotPathGenome::equal(const GAGenome& g) const {

data/galib-2.4.7/examples/ex14.C:120:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  flag = list[i]->equal(*genome.list[i]);

data/galib-2.4.7/examples/ex14.C:125:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  RobotPathGenome::read(istream & is) {

data/galib-2.4.7/examples/ex5.C:52:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome& g) const;

data/galib-2.4.7/examples/ex5.C:53:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(istream & is);

data/galib-2.4.7/examples/ex5.C:109:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  CompositeGenome::equal(const GAGenome& g) const {

data/galib-2.4.7/examples/ex5.C:115:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  CompositeGenome::read(istream & is) {

data/galib-2.4.7/examples/ex7.C:82:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  params.read(parmfile);

data/galib-2.4.7/examples/gnu/BitString.cc:1401:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sl = strlen(s);

data/galib-2.4.7/examples/gnu/BitString.cc:1446:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int sl = strlen(s);

data/galib-2.4.7/examples/gnu/Obstack.h:142:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  grow((const void*)s, strlen(s), 0);

data/galib-2.4.7/examples/gnu/Obstack.h:179:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  grow((const void*)s, strlen(s), 0);

data/galib-2.4.7/examples/gnu/bitstr.h:51:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  int equal(const GAGenome & c) const {

data/galib-2.4.7/examples/pvmpop/PVMDemeGA.h:68:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  {arg.read(is); return(is);}

data/galib-2.4.7/ga/GA1DArrayGenome.C:143:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA1DArrayGenome<T>::read(STD_ISTREAM &) {

data/galib-2.4.7/ga/GA1DArrayGenome.C:187:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA1DArrayGenome<T>::equal(const GAGenome & c) const {

data/galib-2.4.7/ga/GA1DArrayGenome.C:312:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA1DArrayAlleleGenome<T>::read(STD_ISTREAM& is){

data/galib-2.4.7/ga/GA1DArrayGenome.C:313:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return GA1DArrayGenome<T>::read(is);

data/galib-2.4.7/ga/GA1DArrayGenome.C:323:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA1DArrayAlleleGenome<T>::equal(const GAGenome & c) const {

data/galib-2.4.7/ga/GA1DArrayGenome.C:324:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return GA1DArrayGenome<T>::equal(c);

data/galib-2.4.7/ga/GA1DArrayGenome.h:72:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA1DArrayGenome.h:76:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const ;

data/galib-2.4.7/ga/GA1DArrayGenome.h:159:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA1DArrayGenome.h:163:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const ;

data/galib-2.4.7/ga/GA1DBinStrGenome.C:139:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA1DBinaryStringGenome::read(STD_ISTREAM & is)

data/galib-2.4.7/ga/GA1DBinStrGenome.C:208:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA1DBinaryStringGenome::equal(const GAGenome & c) const {

data/galib-2.4.7/ga/GA1DBinStrGenome.h:79:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA1DBinStrGenome.h:83:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GA2DArrayGenome.C:133:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA2DArrayGenome<T>::read(STD_ISTREAM &) {

data/galib-2.4.7/ga/GA2DArrayGenome.C:221:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA2DArrayGenome<T>::equal(const GAGenome & c) const

data/galib-2.4.7/ga/GA2DArrayGenome.C:360:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA2DArrayAlleleGenome<T>::read(STD_ISTREAM& is){

data/galib-2.4.7/ga/GA2DArrayGenome.C:361:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return GA2DArrayGenome<T>::read(is);

data/galib-2.4.7/ga/GA2DArrayGenome.C:371:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA2DArrayAlleleGenome<T>::equal(const GAGenome & c) const {

data/galib-2.4.7/ga/GA2DArrayGenome.C:372:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return GA2DArrayGenome<T>::equal(c);

data/galib-2.4.7/ga/GA2DArrayGenome.h:54:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA2DArrayGenome.h:58:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GA2DArrayGenome.h:133:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA2DArrayGenome.h:137:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  int equal(const GAGenome & c) const ;

data/galib-2.4.7/ga/GA2DBinStrGenome.C:139:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA2DBinaryStringGenome::read(STD_ISTREAM & is)

data/galib-2.4.7/ga/GA2DBinStrGenome.C:322:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA2DBinaryStringGenome::equal(const GAGenome & c) const

data/galib-2.4.7/ga/GA2DBinStrGenome.h:63:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);

data/galib-2.4.7/ga/GA2DBinStrGenome.h:67:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GA3DArrayGenome.C:175:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA3DArrayGenome<T>::read(STD_ISTREAM &) {

data/galib-2.4.7/ga/GA3DArrayGenome.C:282:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA3DArrayGenome<T>::equal(const GAGenome & c) const

data/galib-2.4.7/ga/GA3DArrayGenome.C:440:27:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA3DArrayAlleleGenome<T>::read(STD_ISTREAM& is){

data/galib-2.4.7/ga/GA3DArrayGenome.C:441:30:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return GA3DArrayGenome<T>::read(is);

data/galib-2.4.7/ga/GA3DArrayGenome.C:451:27:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA3DArrayAlleleGenome<T>::equal(const GAGenome & c) const {

data/galib-2.4.7/ga/GA3DArrayGenome.C:452:30:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return GA3DArrayGenome<T>::equal(c);

data/galib-2.4.7/ga/GA3DArrayGenome.h:56:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);

data/galib-2.4.7/ga/GA3DArrayGenome.h:60:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GA3DArrayGenome.h:143:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM & is);

data/galib-2.4.7/ga/GA3DArrayGenome.h:147:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const ;

data/galib-2.4.7/ga/GA3DBinStrGenome.C:188:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GA3DBinaryStringGenome::read(STD_ISTREAM & is)

data/galib-2.4.7/ga/GA3DBinStrGenome.C:434:25:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GA3DBinaryStringGenome::equal(const GAGenome & c) const

data/galib-2.4.7/ga/GA3DBinStrGenome.h:64:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &);

data/galib-2.4.7/ga/GA3DBinStrGenome.h:68:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GAAllele.C:248:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GAAlleleSet<T>::read(STD_ISTREAM&){

data/galib-2.4.7/ga/GAAllele.h:139:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int read(STD_ISTREAM &);

data/galib-2.4.7/ga/GAAllele.h:197:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  { arg.read(is); return is; }

data/galib-2.4.7/ga/GABaseGA.C:304:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  params.read(filename, flag);

data/galib-2.4.7/ga/GABaseGA.C:312:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  params.read(is, flag);

data/galib-2.4.7/ga/GABaseGA.C:435:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(tmpname, value, strlen((char*)value)+1);

data/galib-2.4.7/ga/GABaseGA.h:143:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(const char*){return 0;}

data/galib-2.4.7/ga/GABaseGA.h:144:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &){return 0;}

data/galib-2.4.7/ga/GABin2DecGenome.C:151:21:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GABin2DecPhenotype::equal(const GABin2DecPhenotype & b) const {

data/galib-2.4.7/ga/GABin2DecGenome.C:269:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  GABin2DecGenome::read(STD_ISTREAM & is)

data/galib-2.4.7/ga/GABin2DecGenome.C:294:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GABin2DecGenome::equal(const GAGenome& g) const {

data/galib-2.4.7/ga/GABin2DecGenome.C:296:35:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return((GA1DBinaryStringGenome::equal(b) && *ptype == *(b.ptype)) ?

data/galib-2.4.7/ga/GABin2DecGenome.h:83:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  int equal(const GABin2DecPhenotype&) const;

data/galib-2.4.7/ga/GABin2DecGenome.h:91:12:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return a.equal(b);

data/galib-2.4.7/ga/GABin2DecGenome.h:96:13:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  return (a.equal(b) ? 0 : 1);

data/galib-2.4.7/ga/GABin2DecGenome.h:128:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read (STD_ISTREAM &);

data/galib-2.4.7/ga/GABin2DecGenome.h:132:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome &) const;

data/galib-2.4.7/ga/GADemeGA.h:102:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  {arg.read(is); return(is);}

data/galib-2.4.7/ga/GAGenome.h:209:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  virtual int read(STD_ISTREAM &)

data/galib-2.4.7/ga/GAGenome.h:215:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome &) const

data/galib-2.4.7/ga/GAGenome.h:218:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  { return (equal(g) ? 0 : 1); }

data/galib-2.4.7/ga/GAGenome.h:280:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  { genome.read(is); return(is); }

data/galib-2.4.7/ga/GAGenome.h:284:12:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  { return a.equal(b); }

data/galib-2.4.7/ga/GAIncGA.h:91:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  { arg.read(is); return(is); }

data/galib-2.4.7/ga/GAListGenome.C:109:18:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  GAListGenome<T>::equal(const GAGenome & c) const

data/galib-2.4.7/ga/GAListGenome.h:52:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  virtual int equal(const GAGenome & c) const;

data/galib-2.4.7/ga/GAParameter.C:33:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = new char[strlen(fn)+1];

data/galib-2.4.7/ga/GAParameter.C:39:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sname = new char[strlen(sn)+1];

data/galib-2.4.7/ga/GAParameter.C:62:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname = new char[strlen(orig.fname)+1];

data/galib-2.4.7/ga/GAParameter.C:67:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname = new char[strlen(orig.sname)+1]; data/galib-2.4.7/ga/GAParameter.C:96:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen((char*)v) > 0){ data/galib-2.4.7/ga/GAParameter.C:97:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = new char[strlen((char*)v)+1]; data/galib-2.4.7/ga/GAParameter.C:379:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). GAParameterList::read(STD_ISTREAM& is, GABoolean flag){ data/galib-2.4.7/ga/GAParameter.C:468:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(_gaerrbuf1, ""); data/galib-2.4.7/ga/GAParameter.C:471:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(_gaerrbuf1, "'"); data/galib-2.4.7/ga/GAParameter.C:478:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(_gaerrbuf1, ""); data/galib-2.4.7/ga/GAParameter.C:492:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
GAParameterList::read(const char* filename, GABoolean flag){ data/galib-2.4.7/ga/GAParameter.C:498:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int status = read(infile, flag); data/galib-2.4.7/ga/GAParameter.C:633:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(int i=strlen(str)-1; i>=0; i--) data/galib-2.4.7/ga/GAParameter.h:96:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read(const char* filename, GABoolean flag=gaTrue); data/galib-2.4.7/ga/GAParameter.h:97:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read(STD_ISTREAM & is, GABoolean flag=gaTrue); data/galib-2.4.7/ga/GAParameter.h:111:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { plist.read(is); return is; } data/galib-2.4.7/ga/GAPopulation.h:177:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(STD_ISTREAM &){} data/galib-2.4.7/ga/GAPopulation.h:225:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { arg.read(is); return is; } data/galib-2.4.7/ga/GARealGenome.C:121:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). GA1DArrayAlleleGenome<float>::read(STD_ISTREAM & is) { data/galib-2.4.7/ga/GASStateGA.h:70:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { arg.read(is); return(is); } data/galib-2.4.7/ga/GASimpleGA.h:67:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
{ arg.read(is); return(is); } data/galib-2.4.7/ga/GAStatistics.C:48:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). scorefile = new char[strlen(gaDefScoreFilename)+1]; data/galib-2.4.7/ga/GAStatistics.C:133:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). scorefile = new char [strlen(orig.scorefile)+1]; data/galib-2.4.7/ga/GAStatistics.h:163:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). scorefile = new char[strlen(filename)+1]; data/galib-2.4.7/ga/GAStringGenome.C:57:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). GA1DArrayAlleleGenome<char>::read(STD_ISTREAM & is) data/galib-2.4.7/ga/GATreeGenome.C:115:18: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. GATreeGenome<T>::equal(const GAGenome & c) const data/galib-2.4.7/ga/GATreeGenome.h:51:15: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. virtual int equal(const GAGenome & c) const; data/galib-2.4.7/ga/gaerror.C:83:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:87:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:92:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:110:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:114:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:119:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:135:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:139:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); data/galib-2.4.7/ga/gaerror.C:144:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(gaErrMsg, "\n"); ANALYSIS SUMMARY: Hits = 356 Lines analyzed = 35737 in approximately 1.00 seconds (35716 lines/second) Physical Source Lines of Code (SLOC) = 24186 Hits@level = [0] 1 [1] 120 [2] 189 [3] 4 [4] 43 [5] 0 Hits@level+ = [0+] 357 [1+] 356 [2+] 236 [3+] 47 [4+] 43 [5+] 0 Hits/KSLOC@level+ = [0+] 14.7606 [1+] 14.7193 [2+] 9.75771 [3+] 1.94327 [4+] 1.77789 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.