Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ext/fmemopen.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ext/fmemopen.h
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.h
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_get.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_reduce.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_unpack.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffutil.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/ffutil.h
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/mpq/mpq.c
Examining data/hhsuite-3.3.0+ds/lib/ffindex/src/mpq/mpq.h
Examining data/hhsuite-3.3.0+ds/lib/simd/simd.h
Examining data/hhsuite-3.3.0+ds/src/a3m_compress.cpp
Examining data/hhsuite-3.3.0+ds/src/a3m_compress.h
Examining data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp
Examining data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp
Examining data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp
Examining data/hhsuite-3.3.0+ds/src/a3m_extract.cpp
Examining data/hhsuite-3.3.0+ds/src/a3m_reduce.cpp
Examining data/hhsuite-3.3.0+ds/src/cs/aa.cc
Examining data/hhsuite-3.3.0+ds/src/cs/aa.h
Examining data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/alignment.h
Examining data/hhsuite-3.3.0+ds/src/cs/application.cc
Examining data/hhsuite-3.3.0+ds/src/cs/application.h
Examining data/hhsuite-3.3.0+ds/src/cs/as.cc
Examining data/hhsuite-3.3.0+ds/src/cs/as.h
Examining data/hhsuite-3.3.0+ds/src/cs/assert_helpers.cc
Examining data/hhsuite-3.3.0+ds/src/cs/assert_helpers.h
Examining data/hhsuite-3.3.0+ds/src/cs/blosum_matrix.cc
Examining data/hhsuite-3.3.0+ds/src/cs/blosum_matrix.h
Examining data/hhsuite-3.3.0+ds/src/cs/context_library-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/context_library.h
Examining data/hhsuite-3.3.0+ds/src/cs/context_profile-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/context_profile.h
Examining data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/count_profile.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf_pseudocounts-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf_pseudocounts.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf_state-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/crf_state.h
Examining data/hhsuite-3.3.0+ds/src/cs/cs.h
Examining data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.cc
Examining data/hhsuite-3.3.0+ds/src/cs/cstranslate_mpi_app.cc
Examining data/hhsuite-3.3.0+ds/src/cs/cstranslate_mpi_app.h
Examining data/hhsuite-3.3.0+ds/src/cs/emission.h
Examining data/hhsuite-3.3.0+ds/src/cs/exception.h
Examining data/hhsuite-3.3.0+ds/src/cs/getopt_pp.cc
Examining data/hhsuite-3.3.0+ds/src/cs/getopt_pp.h
Examining data/hhsuite-3.3.0+ds/src/cs/globals.h
Examining data/hhsuite-3.3.0+ds/src/cs/io.h
Examining data/hhsuite-3.3.0+ds/src/cs/library_pseudocounts-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/library_pseudocounts.h
Examining data/hhsuite-3.3.0+ds/src/cs/log.cc
Examining data/hhsuite-3.3.0+ds/src/cs/log.h
Examining data/hhsuite-3.3.0+ds/src/cs/matrix.h
Examining data/hhsuite-3.3.0+ds/src/cs/profile-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/profile.h
Examining data/hhsuite-3.3.0+ds/src/cs/profile_column.h
Examining data/hhsuite-3.3.0+ds/src/cs/pseudocounts-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/pseudocounts.h
Examining data/hhsuite-3.3.0+ds/src/cs/pssm.h
Examining data/hhsuite-3.3.0+ds/src/cs/ran.h
Examining data/hhsuite-3.3.0+ds/src/cs/scoped_ptr.h
Examining data/hhsuite-3.3.0+ds/src/cs/sequence-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/sequence.h
Examining data/hhsuite-3.3.0+ds/src/cs/substitution_matrix-inl.h
Examining data/hhsuite-3.3.0+ds/src/cs/substitution_matrix.h
Examining data/hhsuite-3.3.0+ds/src/cs/utils.h
Examining data/hhsuite-3.3.0+ds/src/cs/vector.h
Examining data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h
Examining data/hhsuite-3.3.0+ds/src/ffindexdatabase.cpp
Examining data/hhsuite-3.3.0+ds/src/ffindexdatabase.h
Examining data/hhsuite-3.3.0+ds/src/hash.cpp
Examining data/hhsuite-3.3.0+ds/src/hash.h
Examining data/hhsuite-3.3.0+ds/src/hhalign.cpp
Examining data/hhsuite-3.3.0+ds/src/hhalign.h
Examining data/hhsuite-3.3.0+ds/src/hhalignment.cpp
Examining data/hhsuite-3.3.0+ds/src/hhalignment.h
Examining data/hhsuite-3.3.0+ds/src/hhbacktracemac.cpp
Examining data/hhsuite-3.3.0+ds/src/hhbackwardalgorithm.cpp
Examining data/hhsuite-3.3.0+ds/src/hhblits.cpp
Examining data/hhsuite-3.3.0+ds/src/hhblits.h
Examining data/hhsuite-3.3.0+ds/src/hhblits_app.cpp
Examining data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp
Examining data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp
Examining data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp
Examining data/hhsuite-3.3.0+ds/src/hhconsensus.cpp
Examining data/hhsuite-3.3.0+ds/src/hhdatabase.cpp
Examining data/hhsuite-3.3.0+ds/src/hhdatabase.h
Examining data/hhsuite-3.3.0+ds/src/hhdecl.cpp
Examining data/hhsuite-3.3.0+ds/src/hhdecl.h
Examining data/hhsuite-3.3.0+ds/src/hhfilter.cpp
Examining data/hhsuite-3.3.0+ds/src/hhforwardalgorithm.cpp
Examining data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp
Examining data/hhsuite-3.3.0+ds/src/hhfullalignment.h
Examining data/hhsuite-3.3.0+ds/src/hhfunc.h
Examining data/hhsuite-3.3.0+ds/src/hhhalfalignment.cpp
Examining data/hhsuite-3.3.0+ds/src/hhhalfalignment.h
Examining data/hhsuite-3.3.0+ds/src/hhhit-inl.h
Examining data/hhsuite-3.3.0+ds/src/hhhit.cpp
Examining data/hhsuite-3.3.0+ds/src/hhhit.h
Examining data/hhsuite-3.3.0+ds/src/hhhitlist-inl.h
Examining data/hhsuite-3.3.0+ds/src/hhhitlist.cpp
Examining data/hhsuite-3.3.0+ds/src/hhhitlist.h
Examining data/hhsuite-3.3.0+ds/src/hhhmm.cpp
Examining data/hhsuite-3.3.0+ds/src/hhhmm.h
Examining data/hhsuite-3.3.0+ds/src/hhhmmsimd.cpp
Examining data/hhsuite-3.3.0+ds/src/hhhmmsimd.h
Examining data/hhsuite-3.3.0+ds/src/hhmacalgorithm.cpp
Examining data/hhsuite-3.3.0+ds/src/hhmake.cpp
Examining data/hhsuite-3.3.0+ds/src/hhmatrices.cpp
Examining data/hhsuite-3.3.0+ds/src/hhmatrices.h
Examining data/hhsuite-3.3.0+ds/src/hhposteriordecoder.cpp
Examining data/hhsuite-3.3.0+ds/src/hhposteriordecoder.h
Examining data/hhsuite-3.3.0+ds/src/hhposteriordecoderrunner.cpp
Examining data/hhsuite-3.3.0+ds/src/hhposteriordecoderrunner.h
Examining data/hhsuite-3.3.0+ds/src/hhposteriormatrix.cpp
Examining data/hhsuite-3.3.0+ds/src/hhposteriormatrix.h
Examining data/hhsuite-3.3.0+ds/src/hhprefilter.h
Examining data/hhsuite-3.3.0+ds/src/hhsearch.cpp
Examining data/hhsuite-3.3.0+ds/src/hhsearch.h
Examining data/hhsuite-3.3.0+ds/src/hhutil-inl.h
Examining data/hhsuite-3.3.0+ds/src/hhutil.cpp
Examining data/hhsuite-3.3.0+ds/src/hhutil.h
Examining data/hhsuite-3.3.0+ds/src/hhviterbi.cpp
Examining data/hhsuite-3.3.0+ds/src/hhviterbi.h
Examining data/hhsuite-3.3.0+ds/src/hhviterbialgorithm.cpp
Examining data/hhsuite-3.3.0+ds/src/hhviterbimatrix-inl.h
Examining data/hhsuite-3.3.0+ds/src/hhviterbimatrix.cpp
Examining data/hhsuite-3.3.0+ds/src/hhviterbimatrix.h
Examining data/hhsuite-3.3.0+ds/src/hhviterbirunner.cpp
Examining data/hhsuite-3.3.0+ds/src/hhviterbirunner.h
Examining data/hhsuite-3.3.0+ds/src/list.cpp
Examining data/hhsuite-3.3.0+ds/src/list.h
Examining data/hhsuite-3.3.0+ds/src/log.h
Examining data/hhsuite-3.3.0+ds/src/util-inl.h
Examining data/hhsuite-3.3.0+ds/src/util.cpp
Examining data/hhsuite-3.3.0+ds/src/util.h
Examining data/hhsuite-3.3.0+ds/src/hhfunc.cpp
Examining data/hhsuite-3.3.0+ds/src/hhprefilter.cpp
FINAL RESULTS:
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:489:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_message, "Could not open file: %s", data_filename);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:497:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_message, "Could not open file: %s", index_filename);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:515:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_message, "Could not open file: %s", data_file_name_to_add);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:540:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(error_message, "Could not open file: %s", index_file_name_to_add);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_reduce.c:99:7: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(program_name, program_argv);
data/hhsuite-3.3.0+ds/src/cs/assert_helpers.cc:31:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, arguments);
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:141:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "NAME\t%s\n", name.c_str());
data/hhsuite-3.3.0+ds/src/cs/exception.h:38:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, str, ap);
data/hhsuite-3.3.0+ds/src/cs/exception.h:48:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, str, ap);
data/hhsuite-3.3.0+ds/src/cs/log.cc:37:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(result, "%s.%03ld", buffer, (long)tv.tv_usec / 1000);
data/hhsuite-3.3.0+ds/src/cs/utils.h:350:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, str, ap);
data/hhsuite-3.3.0+ds/src/hash.h:49:55: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
Pair(char* k, Typ& d) {key = new char[strlen(k)+1]; strcpy(key,k); data=d;}
data/hhsuite-3.3.0+ds/src/hash.h:50:55: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
Pair(int& l, char* k, Typ& d) {key = new char[l+1]; strcpy(key,k); data=d;}
data/hhsuite-3.3.0+ds/src/hash.h:450:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(key, pairp->key);
data/hhsuite-3.3.0+ds/src/hash.h:508:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(key, pairp->key);
data/hhsuite-3.3.0+ds/src/hash.h:574:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(key, pairp->key);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:255:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:275:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:285:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:295:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:305:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:315:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:325:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.psifile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:335:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:345:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.psifile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:366:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.indexfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:568:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.exclstr,argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:577:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.template_exclstr,argv[i]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:128:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], ali.sname[k]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:136:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], ali.seq[k]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:166:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(longname, ali.longname);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:205:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line, firstline);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:241:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], cur_seq);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:361:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], cur_name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:500:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], cur_seq);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:530:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam, ptr); // ...are the SCOP familiy code
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:534:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam, name); // set family name = Pfam code
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:657:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], cur_name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:775:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], cur_name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:802:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam, ptr); // ...are the SCOP familiy code
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:806:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam, name); // set family name = Pfam code
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1348:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], q->seq[qk]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1399:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], q->sname[qk]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1406:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(longname, q->longname);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1797:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(details, "The alingment %s does not contain any sequences.",
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2182:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->name, name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2184:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->longname, longname);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2186:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->fam, fam);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2188:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->file, file); // Store basename of alignment file name in q->file
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2235:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->sname[q->nfirst], name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2312:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->sname[nn], sname[k]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2319:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->seq[nn], seq[k]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3671:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[N_in], cur_seq);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3681:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[N_in], Tali.sname[k]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3759:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[N_in], seq_pred);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3773:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[kss_pred], seq_pred);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3784:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[N_in], seq_conf);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3798:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[kss_conf], seq_conf);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:427:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:462:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:471:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.matrices_output_file, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:478:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:487:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.hhmfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:494:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.psifile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:501:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alisbasename, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:511:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:520:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:529:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:537:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.scorefile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:546:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.m8file, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:555:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alitabfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:52:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(db.base, par);
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:87:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(data_filename, par.infile);
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:90:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(index_filename, par.infile);
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:54:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(db.base, par);
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:52:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(db.base, par);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:114:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:123:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:133:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:143:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:153:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:163:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:35:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(databaseName, base);
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:38:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(databaseName, extension);
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:39:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(databaseName, suffix);
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:76:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(basename, base);
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:330:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, entry->name);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:82:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:91:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:99:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:246:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->longname,t->longname);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:248:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->name,t->name);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:249:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->fam ,t->fam);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:250:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->sfam ,t->sfam);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:251:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->fold ,t->fold);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:252:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->cl ,t->cl);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:253:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->file,t->file);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:268:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->sname[k],t->sname[k]);
data/hhsuite-3.3.0+ds/src/hhhit.cpp:269:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->seq[k],t->seq[k]);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:73:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line,"%-34.34s %5.1f %8s %8s ",str,hit.Probab,Estr,Pstr);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:84:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%-34.34s %5.1f %7s %7s ", str, hit.Probab, Estr, Pstr);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:316:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%s\t%s\t%1.3f\t%d\t%d\t%d\t%d\t%d\t%d\t%d\t%.2E\t%.1f\n",
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:367:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "%-20s %-10s %1i %5i %3i %8.3f %7.2f %6.2f %7.2f %8.3f\n",
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:414:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, ">%s\n", hit.longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:152:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], q.sname[k]);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:159:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], q.seq[k]);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:176:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(longname, q.longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:369:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k - 1], cur_seq);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:378:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], line + 1); //store sequence name in **name
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:495:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], cur_seq);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:805:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nsa_dssp], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:826:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nss_pred], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:846:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nss_conf], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1120:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k + 1], longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1146:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1156:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], annotchr); // overwrite the consensus sequence with the annotation characters
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1319:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nsa_dssp], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1340:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nss_pred], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1360:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(seq[nss_conf], ptr);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1629:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k + 1], longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1655:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sname[k], longname);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1665:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[k], annotchr); // overwrite the consensus sequence with the annotation characters
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2375:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[nss_pred], seq_pred);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2378:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[nss_conf], seq_conf);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2402:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[nss_pred], seq_pred);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2411:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq[nss_conf], seq_conf);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:146:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:156:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:166:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:326:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dbnames[n], entry->name);
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:564:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(db_name, dbnames[(*it2).second]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:238:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.infile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:259:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.outfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:268:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:277:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:286:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.pairwisealisfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:293:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.alnfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.hhmfile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:307:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.psifile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:314:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.scorefile, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:323:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.m8file, argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:537:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par.exclstr,argv[i]);
data/hhsuite-3.3.0+ds/src/hhutil-inl.h:341:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cl,fam);
data/hhsuite-3.3.0+ds/src/hhutil-inl.h:346:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fold,fam);
data/hhsuite-3.3.0+ds/src/hhutil-inl.h:352:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sfam,fam);
data/hhsuite-3.3.0+ds/src/hhutil.cpp:47:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp_file, file);
data/hhsuite-3.3.0+ds/src/log.h:128:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(result, "%s.%03ld", buffer, (long)tv.tv_usec / 1000);
data/hhsuite-3.3.0+ds/src/util-inl.h:634:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr, str2);
data/hhsuite-3.3.0+ds/src/util-inl.h:650:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname, ptr);
data/hhsuite-3.3.0+ds/src/util-inl.h:659:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname, filename);
data/hhsuite-3.3.0+ds/src/util-inl.h:663:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outname, filename);
data/hhsuite-3.3.0+ds/src/util-inl.h:671:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(extension, ptr + 1);
data/hhsuite-3.3.0+ds/src/util-inl.h:689:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pathname, filename);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:286:15: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argn, argv, short_options, long_options, &option_index);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:84:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argn, argv, "ad:i:f:sv", long_options, &option_index);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:56:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argn, argv, "sv", long_options, &option_index);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:81:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argn, argv, "sv")) != -1)
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_get.c:47:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argn, argv, "n", long_options, &option_index);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:63:11: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
opt = getopt_long(argn, argv, "suvf:", long_options, &option_index);
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:29:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "i:d:o:q:h")) != -1) {
data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp:32:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "i:s:o:h")) != -1) {
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:28:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "i:d:o:h")) != -1) {
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:31:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "i:d:o:q:h")) != -1) {
data/hhsuite-3.3.0+ds/src/a3m_reduce.cpp:20:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "i:d:o:h")) != -1) {
data/hhsuite-3.3.0+ds/src/cs/getopt_pp.h:370:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
template <class T> inline T getopt(char short_opt, const std::string& long_opt) {
data/hhsuite-3.3.0+ds/src/cs/getopt_pp.h:376:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
template <class T> inline T getopt(char short_opt, const std::string& long_opt, const T& def_value) {
data/hhsuite-3.3.0+ds/src/cs/getopt_pp.h:383:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
template <class T> inline T getopt(char short_opt) {
data/hhsuite-3.3.0+ds/src/cs/getopt_pp.h:389:31: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
template <class T> inline T getopt(char short_opt, const T& def_value) {
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:53:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*out_data_file = fopen(data_filename, "a");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:56:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*out_index_file = fopen(index_filename, "a+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:72:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*out_data_file = fopen(data_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:76:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*out_index_file = fopen(index_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1] = {'\0'};
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:152:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:186:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *file = fopen(path, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[FFINDEX_BUFFER_SIZE];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:464:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* index_fh = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:476:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_fh = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:486:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* data_file = fopen(data_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:488:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_message[2*FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:494:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* index_file = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:496:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_message[2*FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:506:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_file_name_to_add[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:507:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_file_name_to_add[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:512:30: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* data_file_to_add = fopen(data_file_name_to_add, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:514:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_message[2*FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:537:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* index_file_to_add = fopen(index_file_name_to_add, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:539:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_message[2*FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.h:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[FFINDEX_MAX_ENTRY_NAME_LENTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char read_buffer[400 * 1024 * 1024];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:339:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *data_file = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:346:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *index_file = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:393:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename_out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:397:38: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
env->data_file_out = fopen(data_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:407:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename_out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:411:39: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
env->index_file_out = fopen(index_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:421:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_filename_out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:425:37: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
env->log_file_out = fopen(log_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:478:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename_out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:481:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_file_out = fopen(data_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:492:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename_out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:495:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file_out = fopen(index_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:142:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_file = fopen(data_filename, "a");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:145:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "a+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:161:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_file = fopen(data_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:165:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:174:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *list_file = fopen(list_filenames[i], "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:188:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* data_file_to_add = fopen(list_ffindex_data[i], "r"); if( data_file_to_add == NULL) { perror(list_ffindex_data[i]); return EXIT_FAILURE; }
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:189:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* index_file_to_add = fopen(list_ffindex_index[i], "r"); if( index_file_to_add == NULL) { perror(list_ffindex_index[i]); return EXIT_FAILURE; }
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:245:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "r+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_build.c:254:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:105:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_file = fopen(data_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:109:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:113:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fasta_file = fopen(fasta_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:120:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[FFINDEX_MAX_ENTRY_NAME_LENTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:125:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char entry[MAX_ENTRY_LENGTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:157:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%d", seq_id);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:171:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "r+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta.c:180:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:133:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_header_file = fopen(data_header_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:137:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_header_file = fopen(index_header_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:142:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
data_sequence_file = fopen(data_sequence_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:146:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_sequence_file = fopen(index_sequence_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:149:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fasta_file = fopen(fasta_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[FFINDEX_MAX_ENTRY_NAME_LENTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[MAX_ENTRY_LENGTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sequence[MAX_ENTRY_LENGTH];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:212:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "%d", seq_id);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_get.c:70:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *data_file = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_get.c:71:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *index_file = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_get.c:91:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size_t index_n = atol(argv[i]) - 1; // offset from 0 but specify from 1
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:103:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "r+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:117:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *list_file = fopen(list_filenames[i], "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:124:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:138:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:148:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
index_file = fopen(index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:50:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *order_file = fopen(order_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:52:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *data_file = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:53:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *index_file = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:55:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sorted_data_file = fopen(sorted_data_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:56:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sorted_index_file = fopen(sorted_index_filename, "w+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[LINE_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:78:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_MAX];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:110:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sorted_index_file = fopen(sorted_index_filename, "r+");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:120:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sorted_index_file = fopen(sorted_index_filename, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_reduce.c:46:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *data_file = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_reduce.c:47:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *index_file = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_unpack.c:45:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *data_file = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_unpack.c:46:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *index_file = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_unpack.c:76:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output_file = fopen(entry->name, "w");
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffutil.c:46:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "r");
data/hhsuite-3.3.0+ds/src/a3m_compress.cpp:549:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[2];
data/hhsuite-3.3.0+ds/src/a3m_compress.cpp:560:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[2];
data/hhsuite-3.3.0+ds/src/a3m_compress.cpp:571:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[4];
data/hhsuite-3.3.0+ds/src/a3m_compress.cpp:584:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[4];
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:73:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_data_fh = fopen(a3mDataFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:74:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_index_fh = fopen(a3mIndexFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:92:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_data_fh = fopen(ca3mDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:93:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_index_fh = fopen(ca3mIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:118:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_data_fh = fopen(sequenceDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:119:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_index_fh = fopen(sequenceIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:144:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_data_fh = fopen(headerDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_extract.cpp:145:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_index_fh = fopen(headerIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp:72:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *oa3m_data_fh = fopen(oa3mDataFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp:73:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *oa3m_index_fh = fopen(oa3mIndexFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp:91:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_data_fh = fopen(a3mDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_filter.cpp:92:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_index_fh = fopen(a3mIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:67:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_data_fh = fopen(ca3mDataFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:68:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_index_fh = fopen(ca3mIndexFile.c_str(), "w");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:86:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_data_fh = fopen(a3mDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:87:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *a3m_index_fh = fopen(a3mIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:112:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_data_fh = fopen(sequenceDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_database_reduce.cpp:113:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_index_fh = fopen(sequenceIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:74:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_data_fh = fopen(sequenceDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:75:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_index_fh = fopen(sequenceIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:103:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_data_fh = fopen(headerDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:104:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_index_fh = fopen(headerIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_reduce.cpp:59:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_data_fh = fopen(sequenceDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/a3m_reduce.cpp:60:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_index_fh = fopen(sequenceIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h:216:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBufferSize];
data/hhsuite-3.3.0+ds/src/cs/application.cc:77:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else log_fp_ = fopen(log_file_.c_str(), "w");
data/hhsuite-3.3.0+ds/src/cs/context_library-inl.h:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/context_profile-inl.h:86:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [4000];
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:138:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "CountProfile\n");
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:145:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "LENG\t%zu\n", counts.length());
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:147:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ALPH\t%zu\n", Abc::kSize);
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:151:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "COUNTS");
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:154:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "\t%c", Abc::kIntToChar[a]);
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:157:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "\tNEFF\n");
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:162:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%zu", i+1);
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:168:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "\t*");
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:172:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "\t%d", -iround(log2(counts[i][a] / neff[i]) * kScale));
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:176:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "\t%d\n", iround(neff[i] * kScale));
data/hhsuite-3.3.0+ds/src/cs/count_profile-inl.h:179:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "//\n");
data/hhsuite-3.3.0+ds/src/cs/crf-inl.h:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/crf_state-inl.h:33:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:139:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(opts_.infile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:255:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output_data_fh = fopen(output_data_file.c_str(), "w");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:256:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *output_index_fh = fopen(output_index_file.c_str(), "w");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:443:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(opts_.modelfile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:477:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(opts_.alphabetfile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:512:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(outfile.c_str(), append ? "a" : "w");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_app.h:534:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(outfile.c_str(), append ? "a" : "w");
data/hhsuite-3.3.0+ds/src/cs/cstranslate_mpi_app.h:269:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char out_rank[FILENAME_MAX];
data/hhsuite-3.3.0+ds/src/cs/cstranslate_mpi_app.h:272:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* out = fopen(out_rank, "w+");
data/hhsuite-3.3.0+ds/src/cs/io.h:70:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (ptr > ptr0 && *(ptr-1) == '-') i = -atoi(ptr); else i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/cs/io.h:70:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (ptr > ptr0 && *(ptr-1) == '-') i = -atoi(ptr); else i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/cs/io.h:89:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (ptr > ptr0 && *(ptr-1) == '-') i = -atoi(ptr); else i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/cs/io.h:89:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (ptr > ptr0 && *(ptr-1) == '-') i = -atoi(ptr); else i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/cs/io.h:184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[KB];
data/hhsuite-3.3.0+ds/src/cs/log.cc:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[11];
data/hhsuite-3.3.0+ds/src/cs/log.cc:36:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[100] = {0};
data/hhsuite-3.3.0+ds/src/cs/profile-inl.h:53:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v[0], a, nel * sizeof(double));
data/hhsuite-3.3.0+ds/src/cs/profile-inl.h:62:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v[0], rhs[0], nel * sizeof(double));
data/hhsuite-3.3.0+ds/src/cs/profile-inl.h:92:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v[0], rhs[0], nel * sizeof(double));
data/hhsuite-3.3.0+ds/src/cs/profile-inl.h:153:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v[idx], other[0], n * Abc::kSizeAny * sizeof(double));
data/hhsuite-3.3.0+ds/src/cs/sequence-inl.h:113:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[kBuffSize];
data/hhsuite-3.3.0+ds/src/ffindexdatabase.cpp:9:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db_data_fh = fopen(data_filename, "r");
data/hhsuite-3.3.0+ds/src/ffindexdatabase.cpp:14:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* db_index_fh = fopen(index_filename, "r");
data/hhsuite-3.3.0+ds/src/hhalign.cpp:384:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:395:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.b = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:397:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.B = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:399:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:401:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:415:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.nseqdis = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:417:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.aliwidth = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:419:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:421:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:425:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:427:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:440:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_context_engine.admix = (Pseudocounts::Admix) atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:448:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_nocontext_mode = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:477:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.ssm = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:491:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.altali = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:509:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:524:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.half_window_size_local_aa_bg_freqs = imax(1, atoi(argv[++i]));
data/hhsuite-3.3.0+ds/src/hhalign.cpp:527:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.columnscore = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:529:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:531:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalign.cpp:541:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.min_overlap = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN] = ""; // input line
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:185:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_seq[maxcol]; // Sequence currently read in
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:251:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(cur_name, "no_name_%i", k);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:320:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:551:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_seq[maxcol];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:553:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cur_header[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1414:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int Alignment::FilterForDisplay(int max_seqid, const char mark,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1796:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char details[100];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1971:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void Alignment::FilterNeff(char use_global_weights, const char mark,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1971:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void Alignment::FilterNeff(char use_global_weights, const char mark,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1972:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char cons, const char showcons, const int max_seqid, const int coverage,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1972:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char cons, const char showcons, const int max_seqid, const int coverage,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keep_orig[N_in + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2024:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
float Alignment::filter_by_qsc(float qsc, char use_global_weights,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2025:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2025:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2025:72: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2041:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void Alignment::FrequenciesAndTransitions(HMM* q, char use_global_weights,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2042:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2042:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2043:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const float* pb,
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2217:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q->sname[q->ncons], "Consensus");
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2236:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(q->sname[q->nfirst], "_consensus");
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3383:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
alnf = fopen(alnfile, "w");
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3385:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
alnf = fopen(alnfile, "a");
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3428:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(alnfile, std::ios::out | std::ios::app);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3430:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(alnfile, std::ios::out);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3458:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_name[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3466:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%-20.20s ", tmp_name);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3767:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[N_in], "ss_pred PSIPRED predicted secondary structure");
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3792:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[N_in], "ss_conf PSIPRED confidence values");
data/hhsuite-3.3.0+ds/src/hhalignment.h:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAMELEN]; // HMM name = first word in longname in lower case
data/hhsuite-3.3.0+ds/src/hhalignment.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fam[NAMELEN]; // family ID (derived from name) (FAM field)
data/hhsuite-3.3.0+ds/src/hhalignment.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[NAMELEN]; // Rootname (w/o path, with extension) of alignment file that is used to construct the HMM
data/hhsuite-3.3.0+ds/src/hhalignment.h:72:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void Compress(const char infile[NAMELEN], const char cons, const int maxcol, const int par_M, const int Mgaps);
data/hhsuite-3.3.0+ds/src/hhalignment.h:75:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int FilterForDisplay(int max_seqid, const char mark, const float S[20][20], int coverage=0, int qid=0, float qsc=0, int N=0);
data/hhsuite-3.3.0+ds/src/hhalignment.h:81:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void FilterNeff(char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:81:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void FilterNeff(char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:81:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void FilterNeff(char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:82:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const int max_seqid, const int coverage,
data/hhsuite-3.3.0+ds/src/hhalignment.h:84:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
float filter_by_qsc(float qsc, char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:84:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
float filter_by_qsc(float qsc, char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:84:82: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
float filter_by_qsc(float qsc, char use_global_weights, const char mark, const char cons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:85:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const int max_seqid, const int coverage,
data/hhsuite-3.3.0+ds/src/hhalignment.h:89:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void FrequenciesAndTransitions(HMM* q, char use_global_weights,
data/hhsuite-3.3.0+ds/src/hhalignment.h:90:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:90:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhalignment.h:90:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char mark, const char cons, const char showcons,
data/hhsuite-3.3.0+ds/src/hhblits.cpp:563:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:567:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.num_rounds = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:591:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:601:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.b = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:603:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.B = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:605:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:607:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:621:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.realign_max = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:625:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.nseqdis = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:627:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.aliwidth = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:629:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:631:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:635:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:638:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:648:69: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_context_engine.admix = (Pseudocounts::Admix) atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:657:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_prefilter_context_engine.admix = (Pseudocounts::Admix) atoi(
data/hhsuite-3.3.0+ds/src/hhblits.cpp:667:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_nocontext_mode = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:676:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_prefilter_nocontext_mode = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:718:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.min_prefilter_hits = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:720:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.preprefilter_smax_thresh = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:724:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.prefilter_bit_factor = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:726:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.prefilter_gap_open = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:728:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.prefilter_gap_extend = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:730:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.prefilter_score_offset = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:738:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.ssm = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:746:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:748:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:758:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.altali = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:767:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.columnscore = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:771:66: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.half_window_size_local_aa_bg_freqs = std::max(1, atoi(argv[++i]));
data/hhsuite-3.3.0+ds/src/hhblits.cpp:773:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.threads = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:778:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.premerge=atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:789:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.min_overlap = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits.cpp:795:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxnumdb = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhblits_app.cpp:7:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(par.outfile, ".hhr");
data/hhsuite-3.3.0+ds/src/hhblits_app.cpp:49:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inf = fopen(par.infile, "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:15:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:23:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:63:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.data_fh = fopen(data_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:64:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.index_fh = fopen(index_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:88:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(data_filename, ".ffdata");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:91:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(index_filename, ".ffindex");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:132:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_data_fh = fopen(ca3mDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:133:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ca3m_index_fh = fopen(ca3mIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:158:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_data_fh = fopen(sequenceDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:159:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *sequence_index_fh = fopen(sequenceIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:188:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_data_fh = fopen(headerDataFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_ca3m.cpp:189:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *header_index_fh = fopen(headerIndexFile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:58:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:59:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:66:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.data_fh = fopen(data_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:67:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.index_fh = fopen(index_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:85:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename[FILENAME_MAX];
data/hhsuite-3.3.0+ds/src/hhblits_mpi.cpp:86:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename[FILENAME_MAX];
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:16:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:25:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:57:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:58:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index_filename_out_rank[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:63:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.data_fh = fopen(data_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhblits_omp.cpp:64:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
db.index_fh = fopen(index_filename_out_rank, "w+");
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:170:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:175:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.nseqdis = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:177:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:179:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:183:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:185:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:192:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:216:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_context_engine.admix = (Pseudocounts::Admix) atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:241:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:243:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:319:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(par.outfile, ".seq");
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:388:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(par.outfile, "a");
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a3m_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a3m_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca3m_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:48:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca3m_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:79:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cs219_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:80:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cs219_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a3m_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a3m_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:99:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hhm_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hhm_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:238:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca3m_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:239:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ca3m_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:241:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sequence_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sequence_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:245:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hhm_index_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:266:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hhm_data_filename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:374:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:401:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:425:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:477:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * dbf = fopen(file, "r");
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:493:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:496:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* inf = fopen(file, "r");
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:516:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdecl.h:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char infile[NAMELEN]; // input filename
data/hhsuite-3.3.0+ds/src/hhdecl.h:151:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfile[NAMELEN]; // output filename
data/hhsuite-3.3.0+ds/src/hhdecl.h:152:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char matrices_output_file[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdecl.h:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pairwisealisfile[NAMELEN]; // output filename with pairwise alignments
data/hhsuite-3.3.0+ds/src/hhdecl.h:155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alisbasename[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhdecl.h:156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alnfile[NAMELEN]; // name of output alignment file in A3M format (for iterative search)
data/hhsuite-3.3.0+ds/src/hhdecl.h:157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hhmfile[NAMELEN]; // name of output HHM file for (iterative search)
data/hhsuite-3.3.0+ds/src/hhdecl.h:158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char psifile[NAMELEN]; // name of output alignmen file in PSI-BLAST format (iterative search)
data/hhsuite-3.3.0+ds/src/hhdecl.h:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scorefile[NAMELEN];// table of scores etc for all HMMs in searched database
data/hhsuite-3.3.0+ds/src/hhdecl.h:160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m8file[NAMELEN]; // blast tab format for all HMMs in searched database
data/hhsuite-3.3.0+ds/src/hhdecl.h:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char indexfile[NAMELEN];// optional file containing indeices of aligned residues in given alignment
data/hhsuite-3.3.0+ds/src/hhdecl.h:163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alitabfile[NAMELEN]; // where to write pairs of aligned residues (-atab option)
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:101:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:106:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:108:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:111:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:113:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:117:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:119:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:130:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:175:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inf = fopen(par.infile, "r");
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:197:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:199:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line,
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char namestr[NAMELEN]; //name of sequence
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:225:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:242:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Q %-*.*s ", NLEN, NLEN, namestr);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:247:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c",
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:254:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", qa->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:267:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Q %-*.*s %4i ", NLEN, NLEN, namestr, lq[k]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:270:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", qa->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:274:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " %4i (%i)\n", lq[k] - 1, qa->l[k][qa->L + 1]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:283:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "Q %-*.*s %4i ", NLEN, NLEN, namestr, iq);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:290:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", qa->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:293:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " %4i (%i)\n", iq - 1, qa->L);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:298:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " %*.*s ", NLEN, NLEN, " ");
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:301:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", symbol[h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:311:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "T %-*.*s %4i ", NLEN, NLEN, namestr, jt);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:318:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", ta->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:321:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " %4i (%i)\n", jt - 1, ta->L);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:331:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "T %-*.*s %4i ", NLEN, NLEN, namestr, lt[k]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:334:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", ta->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:338:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " %4i (%i)\n", lt[k] - 1, ta->l[k][ta->L + 1]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:356:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "T %-*.*s ", NLEN, NLEN, namestr);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:360:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c",
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:367:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", ta->s[k][h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:375:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%-*.*s ", NLEN, NLEN,
data/hhsuite-3.3.0+ds/src/hhfullalignment.cpp:379:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c", posterior[h]);
data/hhsuite-3.3.0+ds/src/hhfullalignment.h:30:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbol[LINELEN]; // symbol[h] = symbol (= - . + |) indicating match score for col h of alignment
data/hhsuite-3.3.0+ds/src/hhfullalignment.h:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posterior[LINELEN]; // posterior probability for pair of aligned columns
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:12:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:94:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char use_global_weights, HMM* q, Alignment* qali, float* pb,
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[NAMELEN]; // path of input file (is needed to write full path and file name to HMM FILE record)
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:105:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inf = fopen(infile, "r");
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[100];
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:212:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(par.clusterfile.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhfunc.cpp:220:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ext, "crf");
data/hhsuite-3.3.0+ds/src/hhfunc.h:20:71: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void ReadQueryFile(Parameters& par, char* infile, char& input_format, char use_global_weights, HMM* q, Alignment* qali,
data/hhsuite-3.3.0+ds/src/hhhalfalignment.cpp:320:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(alnfile, "a");
data/hhsuite-3.3.0+ds/src/hhhalfalignment.cpp:322:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(alnfile, "w");
data/hhsuite-3.3.0+ds/src/hhhit.h:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fam[IDLEN]; // family ID (derived from name) (FAM field)
data/hhsuite-3.3.0+ds/src/hhhit.h:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sfam[IDLEN]; // superfamily ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhhit.h:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fold[IDLEN]; // fold ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhhit.h:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl[IDLEN]; // class ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:63:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Estr[10];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:64:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Pstr[10];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:65:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:66:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%3i %-30.30s ", nhits, hit.longname);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:69:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (hit.Eval>=1E-99) sprintf(Estr,"%8.2G",hit.Eval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:70:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(Estr,"%8.1E",hit.Eval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:71:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (hit.Pval>=1E-99) sprintf(Pstr,"%8.2G",hit.Pval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:72:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
else sprintf(Pstr,"%8.1E",hit.Pval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:77:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Estr, "%7.2G", hit.Eval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:79:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Estr, "%7.0E", hit.Eval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:81:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Pstr, "%7.2G", hit.Pval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:83:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Pstr, "%7.0E", hit.Pval);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:89:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%6.1f", hit.score);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:90:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%-6.6s %5.1f %4i %4i-%-4i %4i-%-4i(%i)\n", str, hit.score_ss,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:119:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:119:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:119:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:120:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showpred, const int b, const int B, const int z, const int Z,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:141:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned int maxdbstrlen, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:141:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned int maxdbstrlen, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:142:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const int b, const int B,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:142:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const int b, const int B,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:153:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void HitList::PrintAlignments(HMM* q, char* outfile, const char showconf,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:154:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:154:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:154:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:166:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(outfile, std::ios::out | std::ios::app);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:169:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(outfile, std::ios::out);
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:180:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:180:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:180:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:181:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showpred, const float p, const int aliwidth, const int nseqdis,
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:294:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:365:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:400:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:420:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " i j score SS probab dssp\n");
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:424:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%5i %5i %6.2f %6.2f %7.4f %5c\n", hit.i[step],
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:431:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "missing dssp\n");
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:433:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " i j score SS probab\n");
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:437:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%5i %5i %6.2f %6.2f %7.4f\n", hit.i[step],
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:445:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, " i j score SS\n");
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:449:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%5i %5i %6.2f %6.2f\n", hit.i[step], hit.j[step],
data/hhsuite-3.3.0+ds/src/hhhitlist.h:46:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PrintAlignments(HMM* q, char* outfile, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:46:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PrintAlignments(HMM* q, char* outfile, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:47:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const float p, const int aliwidth, const int nseqdis,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:47:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const float p, const int aliwidth, const int nseqdis,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:49:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PrintAlignments(HMM* q, std::stringstream& out, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:49:83: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void PrintAlignments(HMM* q, std::stringstream& out, const char showconf, const char showcons,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:50:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const float p, const int aliwidth, const int nseqdis,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:50:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showdssp, const char showpred, const float p, const int aliwidth, const int nseqdis,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:54:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:54:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:54:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:54:73: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:58:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:58:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:58:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhitlist.h:58:73: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char showconf, const char showcons, const char showdssp, const char showpred,
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN] = ""; // input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str3[8] = "", str4[8] = ""; // first 3 and 4 letters of input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:257:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(longname, "undefined");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:258:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "undefined");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:695:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN] = ""; // input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:696:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[DESCLEN] = ""; // description of family
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:697:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str4[5] = ""; // first 4 letters of input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:794:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nsa_dssp], "sa_dssp");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:815:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_pred], "ss_pred");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:836:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_conf], "ss_conf");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:915:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_dssp], "ss_dssp");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1118:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[k], "Consensus");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN] = ""; // input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[DESCLEN] = ""; // description of family
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1208:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str4[5] = ""; // first 4 letters of input line
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1308:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nsa_dssp], "sa_dssp");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1329:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_pred], "ss_pred");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1350:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_conf], "ss_conf");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1425:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_dssp], "ss_dssp");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1627:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[k], "Consensus");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2153:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(outfile, std::ios::out | std::ios::app);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2155:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf.open(outfile, std::ios::out);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2217:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "NEFF %-4.1f\n", Neff_HMM);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2230:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%-.*s\n", SEQLEN, seq[n] + 1 + j);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2270:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%1c %-4i ", seq[nfirst][h++], i);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2278:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(line, "%-i", l[i]);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2406:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_pred],
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2415:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sname[nss_conf], "ss_conf PSIPRED confidence values");
data/hhsuite-3.3.0+ds/src/hhhmm.h:49:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAMELEN]; // HMM name = first word in longname in lower case
data/hhsuite-3.3.0+ds/src/hhhmm.h:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[NAMELEN]; // Basename (with path, without extension) of alignment file that was used to construct the HMM
data/hhsuite-3.3.0+ds/src/hhhmm.h:51:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fam[NAMELEN]; // family ID (derived from name) (FAM field)
data/hhsuite-3.3.0+ds/src/hhhmm.h:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sfam[IDLEN]; // superfamily ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhhmm.h:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fold[IDLEN]; // fold ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhhmm.h:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cl[IDLEN]; // class ID (derived from name)
data/hhsuite-3.3.0+ds/src/hhmake.cpp:173:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:178:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.nseqdis = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:187:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:189:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:193:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:195:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:206:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:232:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:234:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:238:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_context_engine.admix = (Pseudocounts::Admix) atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:263:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:265:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = par.maxcol = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhmake.cpp:333:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(par.outfile, ".hhm");
data/hhsuite-3.3.0+ds/src/hhmatrices.cpp:20:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SetSubstitutionMatrix(const char matrix, float* pb, float P[20][20], float R[20][20], float S[20][20], float Sim[20][20])
data/hhsuite-3.3.0+ds/src/hhmatrices.h:267:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void SetSubstitutionMatrix(const char matrix, float* pb, float P[20][20], float R[20][20], float S[20][20], float Sim[20][20]);
data/hhsuite-3.3.0+ds/src/hhposteriordecoderrunner.cpp:125:84: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
std::vector<PosteriorDecoder *> *PosteriorDecoderRunner::initializeConsumerThreads(char loc,
data/hhsuite-3.3.0+ds/src/hhposteriordecoderrunner.h:41:61: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
std::vector<PosteriorDecoder*> * initializeConsumerThreads(char loc, size_t max_target_size, size_t query_size,
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:35:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(cs_library.c_str(), "r");
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:563:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_name[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:566:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:341:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int v = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:351:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.b = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:353:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.B = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:355:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:357:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Z = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:369:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.realign_max = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:371:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.realign_max = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:375:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.nseqdis = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:377:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.aliwidth = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:379:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.max_seqid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:381:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.qid = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:385:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.coverage = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:387:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Ndiff = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:414:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_context_engine.admix = (Pseudocounts::Admix) atoi(
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:424:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.pc_hhm_nocontext_mode = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:453:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.ssm = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:470:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.altali = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:479:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.Mgaps = atoi(argv[i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:490:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.columnscore = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:494:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.half_window_size_local_aa_bg_freqs = imax(1, atoi(argv[++i]));
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:497:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxseq = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:499:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxres = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:502:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.threads = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:508:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.min_overlap = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:511:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
par.maxdbstrlen = atoi(argv[++i]);
data/hhsuite-3.3.0+ds/src/hhutil.cpp:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINELEN]=""; // input line
data/hhsuite-3.3.0+ds/src/hhutil.cpp:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_file[NAMELEN];
data/hhsuite-3.3.0+ds/src/hhutil.cpp:48:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp_file, ".sizes");
data/hhsuite-3.3.0+ds/src/hhutil.cpp:49:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fin = fopen(tmp_file, "r");
data/hhsuite-3.3.0+ds/src/hhutil.cpp:58:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(file, "r");
data/hhsuite-3.3.0+ds/src/hhutil.cpp:147:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bytes[2];
data/hhsuite-3.3.0+ds/src/hhutil.cpp:158:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char bytes[2];
data/hhsuite-3.3.0+ds/src/log.h:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[11];
data/hhsuite-3.3.0+ds/src/log.h:127:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[100] = {0};
data/hhsuite-3.3.0+ds/src/util-inl.h:343:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = -atoi(ptr);
data/hhsuite-3.3.0+ds/src/util-inl.h:345:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/util-inl.h:367:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr - 1);
data/hhsuite-3.3.0+ds/src/util-inl.h:369:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/util.cpp:145:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = -atoi(ptr);
data/hhsuite-3.3.0+ds/src/util.cpp:147:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/util.cpp:190:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr - 1);
data/hhsuite-3.3.0+ds/src/util.cpp:192:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ptr);
data/hhsuite-3.3.0+ds/src/util.cpp:310:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[2];
data/hhsuite-3.3.0+ds/src/util.cpp:321:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[4];
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:133:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ffindex_insert_file(data_file, index_file, &offset, ffnchomp(path, strlen(path)), basename(path));
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:151:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t input_dir_name_len = strlen(input_dir_name);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:153:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path, input_dir_name, NAME_MAX);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:166:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(path + input_dir_name_len, entry->d_name, NAME_MAX);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex.c:278:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(search.name, name, FFINDEX_MAX_ENTRY_NAME_LENTH);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:146:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t r = read(pipefd_stdout[0], b, PIPE_BUF);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_apply_mpi.c:158:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((r = read(pipefd_stdout[0], b, PIPE_BUF)) > 0) {
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:42:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(id);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:69:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(substr, id + first_separator_index + 1, (second_separator_index - first_separator_index - 1));
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_from_fasta_with_split.c:71:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(id, substr, (second_separator_index - first_separator_index - 1));
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_modify.c:126:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
index = ffindex_unlink(index, ffnchomp(path, strlen(path)));
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffindex_order.c:82:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/hhsuite-3.3.0+ds/lib/ffindex/src/ffutil.c:55:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ch = fgetc(fp);
data/hhsuite-3.3.0+ds/src/a3m_extract.cpp:152:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
in->read(buffer_content_c, stream_size);
data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h:176:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fin);
data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h:196:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fin);
data/hhsuite-3.3.0+ds/src/cs/alignment-inl.h:673:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(fin);
data/hhsuite-3.3.0+ds/src/cs/io.h:42:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (l = strlen(str) - 1; l >= 0 && str[l] < 32; --l)
data/hhsuite-3.3.0+ds/src/cs/io.h:54:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(file) != '\n') // ... read in rest of line
data/hhsuite-3.3.0+ds/src/cs/io.h:125:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* ptr = line + strlen(label);
data/hhsuite-3.3.0+ds/src/cs/io.h:140:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rv = atof(line + strlen(label));
data/hhsuite-3.3.0+ds/src/cs/io.h:154:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* ptr = strscn(line + strlen(label));
data/hhsuite-3.3.0+ds/src/cs/io.h:169:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char* ptr = line + strlen(label);
data/hhsuite-3.3.0+ds/src/cs/io.h:197:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(fin);
data/hhsuite-3.3.0+ds/src/cs/sequence-inl.h:133:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(fin);
data/hhsuite-3.3.0+ds/src/hash.h:49:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pair(char* k, Typ& d) {key = new char[strlen(k)+1]; strcpy(key,k); data=d;}
data/hhsuite-3.3.0+ds/src/hhalign.cpp:207:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.alnfile, "");
data/hhsuite-3.3.0+ds/src/hhalign.cpp:567:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
par.exclstr = new char[strlen(argv[i])+1];
data/hhsuite-3.3.0+ds/src/hhalign.cpp:576:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
par.template_exclstr = new char[strlen(argv[i])+1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:123:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(ali.sname[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:131:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(ali.seq[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:139:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
X[k] = initX(strlen(ali.seq[k]) + 2);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:144:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
I[k] = new short unsigned int[strlen(ali.seq[k]) + 2];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:222:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cur_seq) <= 1) {
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:229:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(cur_seq) + 2];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:233:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
X[k] = initX(strlen(cur_seq) + 2);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:237:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
I[k] = new short unsigned int[strlen(cur_seq) + 2];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:357:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(cur_name) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:371:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(longname, ptr1, DESCLEN - 1); // copy whole commentary line after '# ' into longname
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:491:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(cur_seq) + 2];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:494:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
X[k] = initX(strlen(cur_seq) + 2);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:497:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
I[k] = new short unsigned int[strlen(cur_seq) + 2];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:521:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(longname, sname[kfirst], DESCLEN - 1); // longname is name of first sequence
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:523:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, sname[kfirst], NAMELEN - 1); // Shortname is first word of longname...
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:656:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(cur_name) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:774:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(cur_name) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:793:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(longname, sname[kfirst], DESCLEN - 1); // longname is name of first sequence
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:795:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, sname[kfirst], NAMELEN - 1); // Shortname is first word of longname...
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:893:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(seq[kfirst]) - 1;
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:897:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[k]) != len)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1012:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
L = strlen(seq[kfirst]) - 1;
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1158:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
L = strlen(seq[0] + 1);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1162:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (int(strlen(seq[k] + 1)) != L) {
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1345:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(q->seq[qk]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1349:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
X[k] = initX(strlen(q->seq[qk]) + 1);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1352:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
I[k] = new short unsigned int[strlen(q->seq[qk]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:1395:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(q->sname[qk]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2181:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(q->name) == 0)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2183:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(q->longname) == 0)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2185:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(q->fam) == 0)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2229:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q->sname[q->nfirst] = new char[strlen(name) + 11];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2306:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q->sname[nn] = new char[strlen(sname[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:2313:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q->seq[nn] = new char[strlen(seq[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3645:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_seq, cur_seq, h); //////// check: maxcol-1 ????
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3659:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_seq, cur_seq, h);
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3678:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[N_in] = new char[strlen(Tali.sname[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3738:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int) strlen(seq_pred) != L + 1) {
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3761:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3764:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i <= strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3774:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3786:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3789:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i <= strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhalignment.cpp:3799:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); ++i)
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:278:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.infile, "");
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:279:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.outfile, "");
data/hhsuite-3.3.0+ds/src/hhconsensus.cpp:280:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.alnfile, "");
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:36:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(extension) != 0)
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:37:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(databaseName, "_");
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:75:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
basename = new char[strlen(base) + 1];
data/hhsuite-3.3.0+ds/src/hhdatabase.cpp:329:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* name = new char[strlen(entry->name) + 1];
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:139:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(infile, ""); // was reverted back from 'strcpy(infile,"stdin");' (to show help list when no options are given)
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:140:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(outfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:141:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(matrices_output_file, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:143:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pairwisealisfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:144:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(scorefile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:145:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m8file, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:146:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(indexfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:147:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(alnfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:148:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(hhmfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:149:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(psifile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:150:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(alitabfile, "");
data/hhsuite-3.3.0+ds/src/hhdecl.cpp:151:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(alisbasename, "");
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:147:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.infile, "");
data/hhsuite-3.3.0+ds/src/hhfilter.cpp:148:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.outfile, "");
data/hhsuite-3.3.0+ds/src/hhhit.cpp:240:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->longname=new char[strlen(t->longname)+1];
data/hhsuite-3.3.0+ds/src/hhhit.cpp:242:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->name =new char[strlen(t->name)+1];
data/hhsuite-3.3.0+ds/src/hhhit.cpp:243:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->file =new char[strlen(t->file)+1];
data/hhsuite-3.3.0+ds/src/hhhit.cpp:266:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->sname[k] = new char[strlen(t->sname[k])+1];
data/hhsuite-3.3.0+ds/src/hhhit.cpp:267:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->seq[k] = new char[strlen(t->seq[k])+1];
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:37:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i]) <= maxdbstrlen)
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:40:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out << "<" << strlen(argv[i]) << "characters> ";
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:696:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out.write(q->name, strlen(q->name));
data/hhsuite-3.3.0+ds/src/hhhitlist.cpp:712:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out.write(name, strlen(it.name));
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:148:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(q.sname[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:155:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(q.seq[k]) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:269:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(fam, ""); //copy family name to basename
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:280:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(file, ptr, NAMELEN - 1 - strlen(file)); // append file name read from file to path
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:280:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(file, ptr, NAMELEN - 1 - strlen(file)); // append file name read from file to path
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:282:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(file, "*");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:365:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k - 1] = new char[strlen(cur_seq) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:374:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(line + 1) + 1]; //+1 for terminating '\0'
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:491:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seq[k] = new char[strlen(cur_seq) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:752:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(fam, "");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:793:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nsa_dssp], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:800:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nsa_dssp]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:800:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nsa_dssp]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:814:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nss_pred], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:821:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_pred]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:821:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_pred]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:835:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nss_conf], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:841:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_conf]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:841:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_conf]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1082:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(longname) > 0)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1083:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(longname, " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1084:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(longname, name, DESCLEN - strlen(longname) - 1); // longname = ACC NAME DESC
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1084:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(longname, name, DESCLEN - strlen(longname) - 1); // longname = ACC NAME DESC
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1085:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 0)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1086:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(longname, " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1087:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(longname, desc, DESCLEN - strlen(longname) - 1);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1087:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(longname, desc, DESCLEN - strlen(longname) - 1);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1119:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k + 1] = new char[strlen(longname) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1145:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(longname) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1263:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(fam, "");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1307:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nsa_dssp], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1314:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nsa_dssp]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1314:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nsa_dssp]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1328:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nss_pred], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1335:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_pred]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1335:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_pred]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1349:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(seq[nss_conf], " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1355:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_conf]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1355:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(seq[nss_conf]) + strlen(ptr) >= (unsigned) (maxres))
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1591:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(longname) > 0)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1592:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(longname, " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1593:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(longname, name, DESCLEN - strlen(longname) - 1); // longname = ACC NAME DESC
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1593:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(longname, name, DESCLEN - strlen(longname) - 1); // longname = ACC NAME DESC
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1594:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 0)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1595:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(longname, " ");
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1596:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(longname, desc, DESCLEN - strlen(longname) - 1);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1596:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(longname, desc, DESCLEN - strlen(longname) - 1);
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1628:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k + 1] = new char[strlen(longname) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:1654:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sname[k] = new char[strlen(longname) + 1];
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2198:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i]) <= 100)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2201:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out << "<" << strlen(argv[i]) << " characters> ";
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2229:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (unsigned int j = 0; j < strlen(seq[n] + 1); j += SEQLEN) {
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2369:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int) strlen(seq_pred) != L + 1) {
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2376:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); i++)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2379:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_conf); i++)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2403:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_pred); i++)
data/hhsuite-3.3.0+ds/src/hhhmm.cpp:2412:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(seq_conf); i++)
data/hhsuite-3.3.0+ds/src/hhmake.cpp:295:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.infile, "");
data/hhsuite-3.3.0+ds/src/hhmake.cpp:296:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.outfile, "");
data/hhsuite-3.3.0+ds/src/hhmake.cpp:297:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(par.alnfile, "");
data/hhsuite-3.3.0+ds/src/hhprefilter.cpp:325:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbnames[n] = new char[strlen(entry->name) + 1];
data/hhsuite-3.3.0+ds/src/hhsearch.cpp:536:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
par.exclstr = new char[strlen(argv[i])+1];
data/hhsuite-3.3.0+ds/src/util-inl.h:382:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (l = strlen(str) - 1; l >= 0 && str[l] < 32; l--)
data/hhsuite-3.3.0+ds/src/util-inl.h:394:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(file) != '\n')
ANALYSIS SUMMARY:
Hits = 884
Lines analyzed = 39005 in approximately 1.42 seconds (27443 lines/second)
Physical Source Lines of Code (SLOC) = 27245
Hits@level = [0] 803 [1] 167 [2] 549 [3] 15 [4] 153 [5] 0
Hits@level+ = [0+] 1687 [1+] 884 [2+] 717 [3+] 168 [4+] 153 [5+] 0
Hits/KSLOC@level+ = [0+] 61.9196 [1+] 32.4463 [2+] 26.3168 [3+] 6.16627 [4+] 5.61571 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.