Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/igraph-0.8.3+ds/include/igraph_conversion.h Examining data/igraph-0.8.3+ds/include/igraph_attributes.h Examining data/igraph-0.8.3+ds/include/igraph_coloring.h Examining data/igraph-0.8.3+ds/include/igraph_scg.h Examining data/igraph-0.8.3+ds/include/igraph_decls.h Examining data/igraph-0.8.3+ds/include/igraph_centrality.h Examining data/igraph-0.8.3+ds/include/igraph_vector_type.h Examining data/igraph-0.8.3+ds/include/igraph_paths.h Examining data/igraph-0.8.3+ds/include/igraph_stack.h Examining data/igraph-0.8.3+ds/include/igraph_scan.h Examining data/igraph-0.8.3+ds/include/igraph_array.h Examining data/igraph-0.8.3+ds/include/igraph_separators.h Examining data/igraph-0.8.3+ds/include/igraph_vector_ptr.h Examining data/igraph-0.8.3+ds/include/igraph_datatype.h Examining data/igraph-0.8.3+ds/include/igraph_iterators.h Examining data/igraph-0.8.3+ds/include/igraph_eigen.h Examining data/igraph-0.8.3+ds/include/igraph_foreign.h Examining data/igraph-0.8.3+ds/include/igraph_strvector.h Examining data/igraph-0.8.3+ds/include/igraph_hrg.h Examining data/igraph-0.8.3+ds/include/igraph_embedding.h Examining data/igraph-0.8.3+ds/include/igraph_neighborhood.h Examining data/igraph-0.8.3+ds/include/igraph_bipartite.h Examining data/igraph-0.8.3+ds/include/igraph_nongraph.h Examining data/igraph-0.8.3+ds/include/igraph_interrupt.h Examining data/igraph-0.8.3+ds/include/igraph_complex.h Examining data/igraph-0.8.3+ds/include/igraph_matching.h Examining data/igraph-0.8.3+ds/include/igraph_heap.h Examining data/igraph-0.8.3+ds/include/igraph_matrix.h Examining data/igraph-0.8.3+ds/include/igraph_qsort.h Examining data/igraph-0.8.3+ds/include/igraph_constants.h Examining data/igraph-0.8.3+ds/include/igraph_interface.h Examining data/igraph-0.8.3+ds/include/igraph_cocitation.h Examining data/igraph-0.8.3+ds/include/igraph_progress.h Examining data/igraph-0.8.3+ds/include/igraph_flow.h Examining data/igraph-0.8.3+ds/include/igraph_error.h Examining data/igraph-0.8.3+ds/include/igraph_psumtree.h Examining data/igraph-0.8.3+ds/include/igraph_sparsemat.h Examining data/igraph-0.8.3+ds/include/igraph_version.h Examining data/igraph-0.8.3+ds/include/igraph_layout.h Examining data/igraph-0.8.3+ds/include/igraph_games.h Examining data/igraph-0.8.3+ds/include/igraph_pmt_off.h Examining data/igraph-0.8.3+ds/include/igraph_vector_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_constructors.h Examining data/igraph-0.8.3+ds/include/igraph_threading.h Examining data/igraph-0.8.3+ds/include/igraph_statusbar.h Examining data/igraph-0.8.3+ds/include/igraph_cohesive_blocks.h Examining data/igraph-0.8.3+ds/include/igraph_blas.h Examining data/igraph-0.8.3+ds/include/igraph_arpack.h Examining data/igraph-0.8.3+ds/include/igraph_matrix_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_stack_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_types.h Examining data/igraph-0.8.3+ds/include/igraph_topology.h Examining data/igraph-0.8.3+ds/include/igraph_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_array_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_memory.h Examining data/igraph-0.8.3+ds/include/igraph_epidemics.h Examining data/igraph-0.8.3+ds/include/igraph_operators.h Examining data/igraph-0.8.3+ds/include/igraph_adjlist.h Examining data/igraph-0.8.3+ds/include/igraph_dqueue.h Examining data/igraph-0.8.3+ds/include/igraph_mixing.h Examining data/igraph-0.8.3+ds/include/igraph_visitor.h Examining data/igraph-0.8.3+ds/include/igraph_motifs.h Examining data/igraph-0.8.3+ds/include/igraph_heap_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_graphlets.h Examining data/igraph-0.8.3+ds/include/igraph_cliques.h Examining data/igraph-0.8.3+ds/include/igraph_vector.h Examining data/igraph-0.8.3+ds/include/igraph.h Examining data/igraph-0.8.3+ds/include/igraph_spmatrix.h Examining data/igraph-0.8.3+ds/include/igraph_microscopic_update.h Examining data/igraph-0.8.3+ds/include/igraph_components.h Examining data/igraph-0.8.3+ds/include/igraph_lsap.h Examining data/igraph-0.8.3+ds/include/igraph_random.h Examining data/igraph-0.8.3+ds/include/igraph_structural.h Examining data/igraph-0.8.3+ds/include/igraph_lapack.h Examining data/igraph-0.8.3+ds/include/igraph_dqueue_pmt.h Examining data/igraph-0.8.3+ds/include/igraph_community.h Examining data/igraph-0.8.3+ds/include/igraph_transitivity.h Examining data/igraph-0.8.3+ds/examples/tests/cattr_bool_bug2.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_community_leiden.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_community_fluid_communities.c Examining data/igraph-0.8.3+ds/examples/tests/rng_reproducibility.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_community_label_propagation.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_decompose_strong.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_closeness.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_layout_reingold_tilford_extended.c Examining data/igraph-0.8.3+ds/examples/tests/simplify_and_colorize.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_induced_subgraph.c Examining data/igraph-0.8.3+ds/examples/tests/maximal_cliques_hist.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_layout_reingold_tilford_bug_879.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_layout_kamada_kawai_3d_bug_1462.c Examining data/igraph-0.8.3+ds/examples/tests/igraph_count_multiple.c Examining data/igraph-0.8.3+ds/examples/tests/maximal_cliques_callback.c Examining data/igraph-0.8.3+ds/examples/tests/tree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_write_graph_pajek.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_isomorphic_vf2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_stochastic_imitation.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_all_st_cuts.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat_is_symmetric.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix_symmetric.c Examining data/igraph-0.8.3+ds/examples/simple/random_seed.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_difference.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lapack_dgeev.c Examining data/igraph-0.8.3+ds/examples/simple/tls2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_arpack_rnsolve.c Examining data/igraph-0.8.3+ds/examples/simple/pajek_bipartite.c Examining data/igraph-0.8.3+ds/examples/simple/scg2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_loop.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_version.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_convex_hull.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_pagerank.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_rewire.c Examining data/igraph-0.8.3+ds/examples/simple/spmatrix.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_maximal_cliques3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_intersection2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_psumtree.c Examining data/igraph-0.8.3+ds/examples/simple/bug-1033045.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_motifs_randesu.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_bridges.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_sugiyama.c Examining data/igraph-0.8.3+ds/examples/simple/isomorphism_test.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_degree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_es_fromto.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_atlas.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_graphdb.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_neighbors.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_average_path_length.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat8.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_add_vertices.c Examining data/igraph-0.8.3+ds/examples/simple/dot.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_optimal_modularity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_leiden.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_tree.c Examining data/igraph-0.8.3+ds/examples/simple/single_target_shortest_path.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_grouping3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_gomory_hu_tree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_hrg2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_isomorphic_bliss.c Examining data/igraph-0.8.3+ds/examples/simple/even_tarjan.c Examining data/igraph-0.8.3+ds/examples/simple/heap.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_i_cutheap.c Examining data/igraph-0.8.3+ds/examples/simple/flow.c Examining data/igraph-0.8.3+ds/examples/simple/dijkstra.c Examining data/igraph-0.8.3+ds/examples/simple/cattributes4.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_bfs.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat_minmax.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_eid.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_es_adj.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix4.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_are_connected.c Examining data/igraph-0.8.3+ds/examples/simple/stack.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_weighted_adjacency.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_marked_queue.c Examining data/igraph-0.8.3+ds/examples/simple/pajek2.c Examining data/igraph-0.8.3+ds/examples/simple/pajek_bipartite2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat6.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_simplify.c Examining data/igraph-0.8.3+ds/examples/simple/bellman_ford.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_write_graph_lgl.c Examining data/igraph-0.8.3+ds/examples/simple/VF2-compat.c Examining data/igraph-0.8.3+ds/examples/simple/tls1.c Examining data/igraph-0.8.3+ds/examples/simple/matrix3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_convergence_degree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_dl.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_shortest_paths.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_cliques.c Examining data/igraph-0.8.3+ds/examples/simple/vector.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lapack_dgehrd.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_hashtable.c Examining data/igraph-0.8.3+ds/examples/simple/topology.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_add_edges.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_shortest_paths_dijkstra.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_barabasi_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_maximal_cliques4.c Examining data/igraph-0.8.3+ds/examples/simple/pajek_signed.c Examining data/igraph-0.8.3+ds/examples/simple/cattr_bool_bug.c Examining data/igraph-0.8.3+ds/examples/simple/mt.c Examining data/igraph-0.8.3+ds/examples/simple/scg.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lapack_dgesv.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_to_prufer.c Examining data/igraph-0.8.3+ds/examples/simple/dqueue.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_intersection.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_degree_sequence_game.c Examining data/igraph-0.8.3+ds/examples/simple/assortativity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix_symmetric_arpack.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_from_prufer.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_label_propagation.c Examining data/igraph-0.8.3+ds/examples/simple/walktrap.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_feedback_arc_set.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_laplacian.c Examining data/igraph-0.8.3+ds/examples/simple/cohesive_blocks.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_minimal_separators.c Examining data/igraph-0.8.3+ds/examples/simple/indheap.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_semiprojectors3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_biconnected_components.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_separator.c Examining data/igraph-0.8.3+ds/examples/simple/spinglass.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_merge2.c Examining data/igraph-0.8.3+ds/examples/simple/dominator_tree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_mds.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_empty.c Examining data/igraph-0.8.3+ds/examples/simple/cattributes3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_transitivity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_grouping.c Examining data/igraph-0.8.3+ds/examples/simple/vector3.c Examining data/igraph-0.8.3+ds/examples/simple/pajek.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_disjoint_union.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_all_shortest_paths_dijkstra.c Examining data/igraph-0.8.3+ds/examples/simple/biguint_betweenness.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_independent_sets.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_es_path.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_fastgreedy.c Examining data/igraph-0.8.3+ds/examples/simple/foreign.c Examining data/igraph-0.8.3+ds/examples/simple/eigenvector_centrality.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_all_st_mincuts.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_ring.c Examining data/igraph-0.8.3+ds/examples/simple/2wheap.c Examining data/igraph-0.8.3+ds/examples/simple/cattributes.c Examining data/igraph-0.8.3+ds/examples/simple/lineendings.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat5.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_leading_eigenvector2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_create.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_mincut.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_delete_vertices.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_moran_process.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_minimal_separator.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_erdos_renyi_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_vs_vector.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_grouping4.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_compose.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_decompose.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_minimum_spanning_tree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lcf.c Examining data/igraph-0.8.3+ds/examples/simple/matrix2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_power_law_fit.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_complementer.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_multiple.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_star.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_delete_edges.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_semiprojectors.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_to_undirected.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_full.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_transitive_closure_dag.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_edge_betweenness.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_write_graph_leda.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_es_pairs.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_adjacency_spectral_embedding.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_knn.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat_which_minmax.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_lgl.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_random_walk.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_betweenness.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_coloring.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_all_simple_paths.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_local_transitivity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lapack_dsyevr.c Examining data/igraph-0.8.3+ds/examples/simple/levc-stress.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_vs_seq.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_girth.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_growing_random_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_davidson_harel.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_merge3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lapack_dgeevx.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_small.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_random_sample.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_semiprojectors2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_grg_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_preference_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_shortest_paths2.c Examining data/igraph-0.8.3+ds/examples/simple/cattributes2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eccentricity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_directed.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_reciprocity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_get_eids.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_eigen_matrix2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_set.c Examining data/igraph-0.8.3+ds/examples/simple/watts_strogatz_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_maximum_bipartite_matching.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_edge_betweenness.c Examining data/igraph-0.8.3+ds/examples/simple/biguint.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_i_layout_sphere.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_similarity.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_topological_sorting.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_trie.c Examining data/igraph-0.8.3+ds/examples/simple/vector2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_rng_get_exp.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_copy.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_weighted_cliques.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat4.c Examining data/igraph-0.8.3+ds/examples/simple/triad_census.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_radius.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_leading_eigenvector.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_k_regular_game.c Examining data/igraph-0.8.3+ds/examples/simple/graphml.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_array.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_deterministic_optimal_imitation.c Examining data/igraph-0.8.3+ds/examples/simple/d_indheap.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_bipartite_projection.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_has_multiple.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_diameter.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_complex.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_correlated_game.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_vs_nonadj.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_tree.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_feedback_arc_set_ip.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_subisomorphic_lad.c Examining data/igraph-0.8.3+ds/examples/simple/scg3.c Examining data/igraph-0.8.3+ds/examples/simple/gml.c Examining data/igraph-0.8.3+ds/examples/simple/vector_ptr.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_lattice.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_fisher_yates_shuffle.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_is_degree_sequence.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_infomap.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_hrg.c Examining data/igraph-0.8.3+ds/examples/simple/centralization.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_realize_degree_sequence.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_strvector.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_maximal_cliques2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_qsort_r.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat9.c Examining data/igraph-0.8.3+ds/examples/simple/flow2.c Examining data/igraph-0.8.3+ds/examples/simple/blas.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_community_multilevel.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_density.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_merge.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_union.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_hrg3.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_scg_grouping2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_bipartite_create.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_bfs2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_barabasi_game2.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_roulette_wheel_imitation.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_lgl.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_grid.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_maximal_cliques.c Examining data/igraph-0.8.3+ds/examples/simple/bug-1149658.c Examining data/igraph-0.8.3+ds/examples/simple/cattributes5.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_cocitation.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_adjacency.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_minimum_size_separators.c Examining data/igraph-0.8.3+ds/examples/simple/matrix.c Examining data/igraph-0.8.3+ds/examples/simple/adjlist.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat7.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_induced_subgraph_map.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_layout_reingold_tilford.c Examining data/igraph-0.8.3+ds/examples/simple/igraph_qsort.c Examining data/igraph-0.8.3+ds/examples/benchmarks/igraph_cliques.c Examining data/igraph-0.8.3+ds/examples/benchmarks/bench.h Examining data/igraph-0.8.3+ds/examples/benchmarks/igraph_transitivity.c Examining data/igraph-0.8.3+ds/examples/benchmarks/igraph_random_walk.c Examining data/igraph-0.8.3+ds/examples/benchmarks/igraph_coloring.c Examining data/igraph-0.8.3+ds/examples/benchmarks/igraph_maximal_cliques.c Examining data/igraph-0.8.3+ds/src/foreign-gml-lexer.c Examining data/igraph-0.8.3+ds/src/glet.c Examining data/igraph-0.8.3+ds/src/plfit/error.h Examining data/igraph-0.8.3+ds/src/plfit/arithmetic_sse_float.h Examining data/igraph-0.8.3+ds/src/plfit/hzeta.h Examining data/igraph-0.8.3+ds/src/plfit/arithmetic_ansi.h Examining data/igraph-0.8.3+ds/src/plfit/kolmogorov.c Examining data/igraph-0.8.3+ds/src/plfit/plfit.c Examining data/igraph-0.8.3+ds/src/plfit/mt.c Examining data/igraph-0.8.3+ds/src/plfit/sampling.c Examining data/igraph-0.8.3+ds/src/plfit/arithmetic_sse_double.h Examining data/igraph-0.8.3+ds/src/plfit/platform.c Examining data/igraph-0.8.3+ds/src/plfit/lbfgs.h Examining data/igraph-0.8.3+ds/src/plfit/gss.c Examining data/igraph-0.8.3+ds/src/plfit/rbinom.c Examining data/igraph-0.8.3+ds/src/plfit/error.c Examining data/igraph-0.8.3+ds/src/plfit/kolmogorov.h Examining data/igraph-0.8.3+ds/src/plfit/hzeta.c Examining data/igraph-0.8.3+ds/src/plfit/sampling.h Examining data/igraph-0.8.3+ds/src/plfit/mt.h Examining data/igraph-0.8.3+ds/src/plfit/plfit.h Examining data/igraph-0.8.3+ds/src/plfit/lbfgs.c Examining data/igraph-0.8.3+ds/src/plfit/gss.h Examining data/igraph-0.8.3+ds/src/plfit/platform.h Examining data/igraph-0.8.3+ds/src/plfit/options.c Examining data/igraph-0.8.3+ds/src/NetRoutines.cpp Examining data/igraph-0.8.3+ds/src/foreign-dl-parser.c Examining data/igraph-0.8.3+ds/src/igraph_estack.h Examining data/igraph-0.8.3+ds/src/igraph_blas_internal.h Examining data/igraph-0.8.3+ds/src/components.c Examining data/igraph-0.8.3+ds/src/feedback_arc_set.c Examining data/igraph-0.8.3+ds/src/fast_community.c Examining data/igraph-0.8.3+ds/src/DensityGrid_3d.h Examining data/igraph-0.8.3+ds/src/layout.c Examining data/igraph-0.8.3+ds/src/spmatrix.c Examining data/igraph-0.8.3+ds/src/foreign-gml-parser.h Examining data/igraph-0.8.3+ds/src/walktrap.cpp Examining data/igraph-0.8.3+ds/src/atlas-edges.h Examining data/igraph-0.8.3+ds/src/gengraph_random.cpp Examining data/igraph-0.8.3+ds/src/lad.c Examining data/igraph-0.8.3+ds/src/igraph_psumtree.c Examining data/igraph-0.8.3+ds/src/igraph_error.c Examining data/igraph-0.8.3+ds/src/igraph_cliquer.h Examining data/igraph-0.8.3+ds/src/igraph_fixed_vectorlist.c Examining data/igraph-0.8.3+ds/src/forestfire.c Examining data/igraph-0.8.3+ds/src/structural_properties_internal.h Examining data/igraph-0.8.3+ds/src/foreign-pajek-parser.h Examining data/igraph-0.8.3+ds/src/f2c.h Examining data/igraph-0.8.3+ds/src/gengraph_box_list.h Examining data/igraph-0.8.3+ds/src/drl_layout_3d.cpp Examining data/igraph-0.8.3+ds/src/interrupt.c Examining data/igraph-0.8.3+ds/src/foreign-ncol-parser.c Examining data/igraph-0.8.3+ds/src/bipartite.c Examining data/igraph-0.8.3+ds/src/drl_parse.cpp Examining data/igraph-0.8.3+ds/src/hrg_rbtree.h Examining data/igraph-0.8.3+ds/src/memory.c Examining data/igraph-0.8.3+ds/src/math.c Examining data/igraph-0.8.3+ds/src/eigen.c Examining data/igraph-0.8.3+ds/src/optimal_modularity.c Examining data/igraph-0.8.3+ds/src/foreign-dl-lexer.c Examining data/igraph-0.8.3+ds/src/NetRoutines.h Examining data/igraph-0.8.3+ds/src/glpk_support.c Examining data/igraph-0.8.3+ds/src/foreign-lgl-lexer.c Examining data/igraph-0.8.3+ds/src/heap.c Examining data/igraph-0.8.3+ds/src/basic_query.c Examining data/igraph-0.8.3+ds/src/gengraph_definitions.h Examining data/igraph-0.8.3+ds/src/arpack.c Examining data/igraph-0.8.3+ds/src/spanning_trees.c Examining data/igraph-0.8.3+ds/src/gengraph_degree_sequence.h Examining data/igraph-0.8.3+ds/src/flow.c Examining data/igraph-0.8.3+ds/src/bliss/utils.cc Examining data/igraph-0.8.3+ds/src/bliss/graph.cc Examining data/igraph-0.8.3+ds/src/bliss/uintseqhash.cc Examining data/igraph-0.8.3+ds/src/bliss/defs.cc Examining data/igraph-0.8.3+ds/src/bliss/bliss_heap.cc Examining data/igraph-0.8.3+ds/src/bliss/orbit.cc Examining data/igraph-0.8.3+ds/src/bliss/partition.cc Examining data/igraph-0.8.3+ds/src/array.c Examining data/igraph-0.8.3+ds/src/degree_sequence.cpp Examining data/igraph-0.8.3+ds/src/igraph_grid.c Examining data/igraph-0.8.3+ds/src/drl_graph_3d.cpp Examining data/igraph-0.8.3+ds/src/paths.c Examining data/igraph-0.8.3+ds/src/igraph_marked_queue.c Examining data/igraph-0.8.3+ds/src/DensityGrid.h Examining data/igraph-0.8.3+ds/src/foreign-lgl-parser.c Examining data/igraph-0.8.3+ds/src/embedding.c Examining data/igraph-0.8.3+ds/src/spectral_properties.c Examining data/igraph-0.8.3+ds/src/visitors.c Examining data/igraph-0.8.3+ds/src/walktrap_graph.cpp Examining data/igraph-0.8.3+ds/src/gengraph_qsort.h Examining data/igraph-0.8.3+ds/src/drl_graph.cpp Examining data/igraph-0.8.3+ds/src/hrg_splittree_eq.h Examining data/igraph-0.8.3+ds/src/drl_layout.cpp Examining data/igraph-0.8.3+ds/src/COLAMD/Include/colamd.h Examining data/igraph-0.8.3+ds/src/COLAMD/Source/colamd_global.c Examining data/igraph-0.8.3+ds/src/COLAMD/Source/colamd.c Examining data/igraph-0.8.3+ds/src/vector.c Examining data/igraph-0.8.3+ds/src/clustertool.cpp Examining data/igraph-0.8.3+ds/src/igraph_hashtable.c Examining data/igraph-0.8.3+ds/src/qsort_r.c Examining data/igraph-0.8.3+ds/src/topology.c Examining data/igraph-0.8.3+ds/src/gengraph_hash.h Examining data/igraph-0.8.3+ds/src/triangles_template.h Examining data/igraph-0.8.3+ds/src/drl_layout_3d.h Examining data/igraph-0.8.3+ds/src/DensityGrid.cpp Examining data/igraph-0.8.3+ds/src/iterators.c Examining data/igraph-0.8.3+ds/src/motifs.c Examining data/igraph-0.8.3+ds/src/scg.c Examining data/igraph-0.8.3+ds/src/gengraph_graph_molloy_hash.cpp Examining data/igraph-0.8.3+ds/src/dqueue.c Examining data/igraph-0.8.3+ds/src/drl_parse.h Examining data/igraph-0.8.3+ds/src/igraph_buckets.c Examining data/igraph-0.8.3+ds/src/mixing.c Examining data/igraph-0.8.3+ds/src/hrg_graph_simp.h Examining data/igraph-0.8.3+ds/src/prpack.h Examining data/igraph-0.8.3+ds/src/gengraph_vertex_cover.h Examining data/igraph-0.8.3+ds/src/layout_gem.c Examining data/igraph-0.8.3+ds/src/cs/cs_load.c Examining data/igraph-0.8.3+ds/src/cs/cs_ipvec.c Examining data/igraph-0.8.3+ds/src/cs/cs_reach.c Examining data/igraph-0.8.3+ds/src/cs/cs_chol.c Examining data/igraph-0.8.3+ds/src/cs/cs_pvec.c Examining data/igraph-0.8.3+ds/src/cs/cs_dmperm.c Examining data/igraph-0.8.3+ds/src/cs/cs_lsolve.c Examining data/igraph-0.8.3+ds/src/cs/cs_qrsol.c Examining data/igraph-0.8.3+ds/src/cs/cs_symperm.c Examining data/igraph-0.8.3+ds/src/cs/cs_schol.c Examining data/igraph-0.8.3+ds/src/cs/cs_droptol.c Examining data/igraph-0.8.3+ds/src/cs/cs_entry.c Examining data/igraph-0.8.3+ds/src/cs/cs_randperm.c Examining data/igraph-0.8.3+ds/src/cs/cs_scatter.c Examining data/igraph-0.8.3+ds/src/cs/cs_leaf.c Examining data/igraph-0.8.3+ds/src/cs/cs_post.c Examining data/igraph-0.8.3+ds/src/cs/cs_dupl.c Examining data/igraph-0.8.3+ds/src/cs/cs_malloc.c Examining data/igraph-0.8.3+ds/src/cs/cs_dfs.c Examining data/igraph-0.8.3+ds/src/cs/cs_lusol.c Examining data/igraph-0.8.3+ds/src/cs/cs_add.c Examining data/igraph-0.8.3+ds/src/cs/cs_updown.c Examining data/igraph-0.8.3+ds/src/cs/cs_utsolve.c Examining data/igraph-0.8.3+ds/src/cs/cs_cholsol.c Examining data/igraph-0.8.3+ds/src/cs/cs_compress.c Examining data/igraph-0.8.3+ds/src/cs/cs_transpose.c Examining data/igraph-0.8.3+ds/src/cs/cs_maxtrans.c Examining data/igraph-0.8.3+ds/src/cs/cs_print.c Examining data/igraph-0.8.3+ds/src/cs/cs_lu.c Examining data/igraph-0.8.3+ds/src/cs/cs_multiply.c Examining data/igraph-0.8.3+ds/src/cs/cs_gaxpy.c Examining data/igraph-0.8.3+ds/src/cs/cs_ltsolve.c Examining data/igraph-0.8.3+ds/src/cs/cs_usolve.c Examining data/igraph-0.8.3+ds/src/cs/cs_fkeep.c Examining data/igraph-0.8.3+ds/src/cs/cs_spsolve.c Examining data/igraph-0.8.3+ds/src/cs/cs_happly.c Examining data/igraph-0.8.3+ds/src/cs/cs_ereach.c Examining data/igraph-0.8.3+ds/src/cs/cs_sqr.c Examining data/igraph-0.8.3+ds/src/cs/cs_amd.c Examining data/igraph-0.8.3+ds/src/cs/cs_cumsum.c Examining data/igraph-0.8.3+ds/src/cs/cs_dropzeros.c Examining data/igraph-0.8.3+ds/src/cs/cs_permute.c Examining data/igraph-0.8.3+ds/src/cs/cs_house.c Examining data/igraph-0.8.3+ds/src/cs/cs.h Examining data/igraph-0.8.3+ds/src/cs/cs_etree.c Examining data/igraph-0.8.3+ds/src/cs/cs_pinv.c Examining data/igraph-0.8.3+ds/src/cs/cs_scc.c Examining data/igraph-0.8.3+ds/src/cs/cs_qr.c Examining data/igraph-0.8.3+ds/src/cs/UFconfig.h Examining data/igraph-0.8.3+ds/src/cs/cs_norm.c Examining data/igraph-0.8.3+ds/src/cs/cs_tdfs.c Examining data/igraph-0.8.3+ds/src/cs/cs_counts.c Examining data/igraph-0.8.3+ds/src/cs/cs_util.c Examining data/igraph-0.8.3+ds/src/prpack.cpp Examining data/igraph-0.8.3+ds/src/cohesive_blocks.c Examining data/igraph-0.8.3+ds/src/type_indexededgelist.c Examining data/igraph-0.8.3+ds/src/hrg_graph.h Examining data/igraph-0.8.3+ds/src/igraph_glpk_support.h Examining data/igraph-0.8.3+ds/src/bigint.c Examining data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.h Examining data/igraph-0.8.3+ds/src/scan.c Examining data/igraph-0.8.3+ds/src/walktrap_graph.h Examining data/igraph-0.8.3+ds/src/triangles.c Examining data/igraph-0.8.3+ds/src/maximal_cliques_template.h Examining data/igraph-0.8.3+ds/src/random.c Examining data/igraph-0.8.3+ds/src/microscopic_update.c Examining data/igraph-0.8.3+ds/src/igraph_math.h Examining data/igraph-0.8.3+ds/src/bliss.cc Examining data/igraph-0.8.3+ds/src/lapack.c Examining data/igraph-0.8.3+ds/src/complex.c Examining data/igraph-0.8.3+ds/src/infomap_Greedy.cc Examining data/igraph-0.8.3+ds/src/infomap_Node.cc Examining data/igraph-0.8.3+ds/src/igraph_hrg_types.cc Examining data/igraph-0.8.3+ds/src/foreign.c Examining data/igraph-0.8.3+ds/src/gengraph_header.h Examining data/igraph-0.8.3+ds/src/infomap.cc Examining data/igraph-0.8.3+ds/src/igraph_gml_tree.h Examining data/igraph-0.8.3+ds/src/igraph_hrg.cc Examining data/igraph-0.8.3+ds/src/cattributes.c Examining data/igraph-0.8.3+ds/src/dotproduct.c Examining data/igraph-0.8.3+ds/src/bignum.c Examining data/igraph-0.8.3+ds/src/foreign-pajek-header.h Examining data/igraph-0.8.3+ds/src/sir.c Examining data/igraph-0.8.3+ds/src/igraph_flow_internal.h Examining data/igraph-0.8.3+ds/src/decomposition.c Examining data/igraph-0.8.3+ds/src/qsort.c Examining data/igraph-0.8.3+ds/src/sbm.c Examining data/igraph-0.8.3+ds/src/foreign-gml-header.h Examining data/igraph-0.8.3+ds/src/drl_graph.h Examining data/igraph-0.8.3+ds/src/scg_optimal_method.c Examining data/igraph-0.8.3+ds/src/community_leiden.c Examining data/igraph-0.8.3+ds/src/gengraph_degree_sequence.cpp Examining data/igraph-0.8.3+ds/src/igraph_cliquer.c Examining data/igraph-0.8.3+ds/src/gml_tree.c Examining data/igraph-0.8.3+ds/src/AMD/Include/amd_internal.h Examining data/igraph-0.8.3+ds/src/AMD/Include/amd.h Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_global.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_info.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_preprocess.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_defaults.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_post_tree.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_1.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_postorder.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_valid.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_2.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_aat.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_dump.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_order.c Examining data/igraph-0.8.3+ds/src/AMD/Source/amd_control.c Examining data/igraph-0.8.3+ds/src/NetDataTypes.h Examining data/igraph-0.8.3+ds/src/foreign-pajek-parser.c Examining data/igraph-0.8.3+ds/src/scg_exact_scg.c Examining data/igraph-0.8.3+ds/src/gengraph_box_list.cpp Examining data/igraph-0.8.3+ds/src/community.c Examining data/igraph-0.8.3+ds/src/foreign-gml-parser.c Examining data/igraph-0.8.3+ds/src/games.c Examining data/igraph-0.8.3+ds/src/foreign-dl-parser.h Examining data/igraph-0.8.3+ds/src/maximal_cliques.c Examining data/igraph-0.8.3+ds/src/cocitation.c Examining data/igraph-0.8.3+ds/src/igraph_estack.c Examining data/igraph-0.8.3+ds/src/layout_dh.c Examining data/igraph-0.8.3+ds/src/pottsmodel_2.cpp Examining data/igraph-0.8.3+ds/src/drl_graph_3d.h Examining data/igraph-0.8.3+ds/src/drl_layout.h Examining data/igraph-0.8.3+ds/src/gengraph_mr-connected.cpp Examining data/igraph-0.8.3+ds/src/sugiyama.c Examining data/igraph-0.8.3+ds/src/progress.c Examining data/igraph-0.8.3+ds/src/hacks.c Examining data/igraph-0.8.3+ds/src/scg_utils.c Examining data/igraph-0.8.3+ds/src/foreign-ncol-lexer.c Examining data/igraph-0.8.3+ds/src/scg_headers.h Examining data/igraph-0.8.3+ds/src/igraph_marked_queue.h Examining data/igraph-0.8.3+ds/src/foreign-lgl-parser.h Examining data/igraph-0.8.3+ds/src/infomap_FlowGraph.cc Examining data/igraph-0.8.3+ds/src/igraph_set.c Examining data/igraph-0.8.3+ds/src/igraph_isoclasses.h Examining data/igraph-0.8.3+ds/src/types.c Examining data/igraph-0.8.3+ds/src/atlas.c Examining data/igraph-0.8.3+ds/src/distances.c Examining data/igraph-0.8.3+ds/src/other.c Examining data/igraph-0.8.3+ds/src/gengraph_random.h Examining data/igraph-0.8.3+ds/src/igraph_trie.c Examining data/igraph-0.8.3+ds/src/structure_generators.c Examining data/igraph-0.8.3+ds/src/matching.c Examining data/igraph-0.8.3+ds/src/foreign-graphml.c Examining data/igraph-0.8.3+ds/src/igraph_stack.c Examining data/igraph-0.8.3+ds/src/SuiteSparse_config/SuiteSparse_config.c Examining data/igraph-0.8.3+ds/src/SuiteSparse_config/SuiteSparse_config.h Examining data/igraph-0.8.3+ds/src/gengraph_graph_molloy_hash.h Examining data/igraph-0.8.3+ds/src/walktrap_communities.h Examining data/igraph-0.8.3+ds/src/igraph_interrupt_internal.h Examining data/igraph-0.8.3+ds/src/operators.c Examining data/igraph-0.8.3+ds/src/foreign-ncol-parser.h Examining data/igraph-0.8.3+ds/src/cores.c Examining data/igraph-0.8.3+ds/src/version.c Examining data/igraph-0.8.3+ds/src/layout_kk.c Examining data/igraph-0.8.3+ds/src/lsap.c Examining data/igraph-0.8.3+ds/src/walktrap_heap.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_scc_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_utils.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_ge_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_scc_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_ge_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_schur_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_gs_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_utils.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_igraph_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_csr.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_gs_graph.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_schur_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_edge_list.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_result.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_solver.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_igraph_graph.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_solver.cpp Examining data/igraph-0.8.3+ds/src/prpack/prpack_result.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_csc.h Examining data/igraph-0.8.3+ds/src/prpack/prpack_preprocessed_graph.h Examining data/igraph-0.8.3+ds/src/triangles_template1.h Examining data/igraph-0.8.3+ds/src/infomap_Node.h Examining data/igraph-0.8.3+ds/src/foreign-pajek-lexer.c Examining data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp Examining data/igraph-0.8.3+ds/src/igraph_handle_exceptions.h Examining data/igraph-0.8.3+ds/src/bigint.h Examining data/igraph-0.8.3+ds/src/igraph_hacks_internal.h Examining data/igraph-0.8.3+ds/src/drl_Node_3d.h Examining data/igraph-0.8.3+ds/src/igraph_types_internal.h Examining data/igraph-0.8.3+ds/src/vector_ptr.c Examining data/igraph-0.8.3+ds/src/foreign-lgl-header.h Examining data/igraph-0.8.3+ds/src/zeroin.c Examining data/igraph-0.8.3+ds/src/st-cuts.c Examining data/igraph-0.8.3+ds/src/fortran_intrinsics.c Examining data/igraph-0.8.3+ds/src/igraph_lapack_internal.h Examining data/igraph-0.8.3+ds/src/foreign-ncol-header.h Examining data/igraph-0.8.3+ds/src/separators.c Examining data/igraph-0.8.3+ds/src/statusbar.c Examining data/igraph-0.8.3+ds/src/DensityGrid_3d.cpp Examining data/igraph-0.8.3+ds/src/cliquer/cliquer.c Examining data/igraph-0.8.3+ds/src/cliquer/misc.h Examining data/igraph-0.8.3+ds/src/cliquer/graph.h Examining data/igraph-0.8.3+ds/src/cliquer/reorder.h Examining data/igraph-0.8.3+ds/src/cliquer/cliquer.h Examining data/igraph-0.8.3+ds/src/cliquer/cliquerconf.h Examining data/igraph-0.8.3+ds/src/cliquer/reorder.c Examining data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c Examining data/igraph-0.8.3+ds/src/cliquer/set.h Examining data/igraph-0.8.3+ds/src/random_walk.c Examining data/igraph-0.8.3+ds/src/centrality.c Examining data/igraph-0.8.3+ds/src/igraph_strvector.c Examining data/igraph-0.8.3+ds/src/infomap_FlowGraph.h Examining data/igraph-0.8.3+ds/src/igraph_arpack_internal.h Examining data/igraph-0.8.3+ds/src/scg_kmeans.c Examining data/igraph-0.8.3+ds/src/drl_Node.h Examining data/igraph-0.8.3+ds/src/blas.c Examining data/igraph-0.8.3+ds/src/hrg_dendro.h Examining data/igraph-0.8.3+ds/src/layout_fr.c Examining data/igraph-0.8.3+ds/src/infomap_Greedy.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_dense.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/t_cholmod_change_factor.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/t_cholmod_triplet.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_add.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_change_factor.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_sparse.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_copy.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_memory.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_triplet.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_transpose.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_common.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_complex.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_factor.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_version.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_error.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/t_cholmod_dense.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_aat.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/t_cholmod_transpose.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_band.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_supernodal.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_modify.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_blas.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_internal.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_core.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_config.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_io64.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_check.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_partition.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_camd.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_matrixops.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_template.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_complexity.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_cholesky.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod.h Examining data/igraph-0.8.3+ds/src/CHOLMOD/Modify/t_cholmod_updown_numkr.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Modify/cholmod_rowdel.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Modify/cholmod_updown.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Modify/t_cholmod_updown.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Modify/cholmod_rowadd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_factorize.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_postorder.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_rowcolcounts.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_rcond.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_resymbol.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/t_cholmod_solve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_etree.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_colamd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/t_cholmod_rowfac.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_solve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_amd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/t_cholmod_ltsolve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_rowfac.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/t_cholmod_lsolve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_analyze.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Cholesky/cholmod_spsolve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/cholmod_super_symbolic.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/t_cholmod_super_numeric.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/cholmod_super_numeric.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/cholmod_super_solve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/t_cholmod_super_solve.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Supernodal/t_cholmod_gpu.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_camd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_csymamd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_ccolamd.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_metis.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_nesdis.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/t_cholmod_sdmult.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_horzcat.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_sdmult.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_symmetry.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_drop.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_submatrix.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_norm.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_scale.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_ssmult.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/MatrixOps/cholmod_vertcat.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_check.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_read.c Examining data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c Examining data/igraph-0.8.3+ds/src/bignum.h Examining data/igraph-0.8.3+ds/src/cliques.c Examining data/igraph-0.8.3+ds/src/gengraph_powerlaw.h Examining data/igraph-0.8.3+ds/src/structural_properties.c Examining data/igraph-0.8.3+ds/src/walktrap_heap.h Examining data/igraph-0.8.3+ds/src/attributes.c Examining data/igraph-0.8.3+ds/src/pottsmodel_2.h Examining data/igraph-0.8.3+ds/src/sparsemat.c Examining data/igraph-0.8.3+ds/src/conversion.c Examining data/igraph-0.8.3+ds/src/bfgs.c Examining data/igraph-0.8.3+ds/src/walktrap_communities.cpp Examining data/igraph-0.8.3+ds/src/gengraph_powerlaw.cpp Examining data/igraph-0.8.3+ds/src/NetDataTypes.cpp Examining data/igraph-0.8.3+ds/src/matrix.c Examining data/igraph-0.8.3+ds/src/adjlist.c Examining data/igraph-0.8.3+ds/src/foreign-dl-header.h Examining data/igraph-0.8.3+ds/src/igraph_heap.c Examining data/igraph-0.8.3+ds/src/scg_approximate_methods.c Examining data/igraph-0.8.3+ds/src/coloring.c FINAL RESULTS: data/igraph-0.8.3+ds/examples/simple/igraph_is_minimal_separator.c:27:31: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define FAIL(msg, error) do { printf(msg "\n") ; return error; } while (0) data/igraph-0.8.3+ds/examples/simple/igraph_is_separator.c:27:31: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define FAIL(msg, error) do { printf(msg "\n") ; return error; } while (0) data/igraph-0.8.3+ds/examples/tests/simplify_and_colorize.c:7:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(name "\n"); \ data/igraph-0.8.3+ds/examples/tests/tree.c:7:5: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(name "\n"); \ data/igraph-0.8.3+ds/include/igraph_matrix_pmt.h:211:37: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. DECLDIR int FUNCTION(igraph_matrix, printf)(const TYPE(igraph_matrix) *m, data/igraph-0.8.3+ds/include/igraph_vector_pmt.h:217:37: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. DECLDIR int FUNCTION(igraph_vector, printf)(const TYPE(igraph_vector) *v, data/igraph-0.8.3+ds/src/AMD/Source/amd_dump.c:39:2: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. fscanf (f, ID, &AMD_debug) ; data/igraph-0.8.3+ds/src/AMD/Source/amd_global.c:79:41: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int (*amd_printf) (const char *, ...) = printf ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:132:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ok = (fprintf (f, ID, i) > 0) ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:265:11: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ok = (fprintf (f, ID " " ID, 1+i, 1+j) > 0) ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:577:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ok = ok && (fprintf (f, ID " " ID " " ID "\n", nrow, ncol, nz) > 0) ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:716:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ok = ok && (fprintf (f, ID " " ID "\n", nrow, ncol) > 0) ; data/igraph-0.8.3+ds/src/CHOLMOD/Core/cholmod_common.c:120:30: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. Common->print_function = printf ; data/igraph-0.8.3+ds/src/CHOLMOD/Include/cholmod_internal.h:384:2: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf params ; \ data/igraph-0.8.3+ds/src/COLAMD/Source/colamd_global.c:19:44: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. int (*colamd_printf) (const char *, ...) = printf ; data/igraph-0.8.3+ds/src/NetDataTypes.cpp:59:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, n); data/igraph-0.8.3+ds/src/NetDataTypes.cpp:93:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(color.pajek_c, c.pajek_c); data/igraph-0.8.3+ds/src/NetDataTypes.h:243:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, n); data/igraph-0.8.3+ds/src/bliss/defs.cc:34:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buffer, fmt, ap); data/igraph-0.8.3+ds/src/cattributes.c:1314:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp2 + len, tmp); data/igraph-0.8.3+ds/src/fast_community.c:43:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, args); data/igraph-0.8.3+ds/src/fast_community.c:49:24: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define debug(...) fprintf(stderr, __VA_ARGS__) data/igraph-0.8.3+ds/src/foreign-dl-lexer.c:594:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf(file, msg, ...) (1) data/igraph-0.8.3+ds/src/foreign-dl-parser.c:809:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/igraph-0.8.3+ds/src/foreign-gml-lexer.c:503:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf(file, msg, ...) (1) data/igraph-0.8.3+ds/src/foreign-gml-parser.c:693:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/igraph-0.8.3+ds/src/foreign-graphml.c:247:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(state->error_message, 4096, msg, ap); data/igraph-0.8.3+ds/src/foreign-lgl-lexer.c:489:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf(file, msg, ...) (1) data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:671:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/igraph-0.8.3+ds/src/foreign-ncol-lexer.c:489:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf(file, msg, ...) (1) data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:664:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/igraph-0.8.3+ds/src/foreign-pajek-lexer.c:608:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf(file, msg, ...) (1) data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:1025:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. # define YYFPRINTF fprintf data/igraph-0.8.3+ds/src/foreign.c:1976:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(d + 1, src); data/igraph-0.8.3+ds/src/glpk_support.c:87:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(message_and_code, "%s (%s)", message, code); data/igraph-0.8.3+ds/src/hacks.c:51:20: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). char* result = strcpy(s1, s2); data/igraph-0.8.3+ds/src/igraph_error.c:131:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(igraph_i_errormsg_buffer, data/igraph-0.8.3+ds/src/igraph_error.c:138:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(igraph_i_errormsg_buffer, data/igraph-0.8.3+ds/src/igraph_error.c:279:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(igraph_i_warningmsg_buffer, data/igraph-0.8.3+ds/src/igraph_strvector.c:163:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sv->data[idx], value); data/igraph-0.8.3+ds/src/igraph_strvector.c:499:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(v->data[s], value); data/igraph-0.8.3+ds/src/matching.c:43:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, args); data/igraph-0.8.3+ds/src/matching.c:49:24: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define debug(...) fprintf(stderr, __VA_ARGS__) data/igraph-0.8.3+ds/src/plfit/platform.h:41:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/igraph-0.8.3+ds/src/plfit/platform.h:41:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/igraph-0.8.3+ds/src/progress.c:96:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(igraph_i_progressmsg_buffer, data/igraph-0.8.3+ds/src/statusbar.c:85:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buffer, sizeof(buffer) - 1, message, ap); data/igraph-0.8.3+ds/src/sugiyama.c:49:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, args); data/igraph-0.8.3+ds/src/sugiyama.c:55:24: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define debug(...) fprintf(stderr, __VA_ARGS__) data/igraph-0.8.3+ds/src/types.c:28:13: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/igraph-0.8.3+ds/src/types.c:28:22: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/igraph-0.8.3+ds/src/types.c:97:16: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return printf(IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/src/types.c:108:16: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return printf(IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/src/types.c:115:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return fprintf(file, IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/src/types.c:126:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return fprintf(file, IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/src/types.c:132:16: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return snprintf(str, size, IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/src/types.c:143:16: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. return snprintf(str, size, IGRAPH_REAL_PRINTF_PRECISE_FORMAT, val); data/igraph-0.8.3+ds/examples/simple/2wheap.c:35:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(42); /* make tests deterministic */ data/igraph-0.8.3+ds/examples/simple/igraph_i_layout_sphere.c:38:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(42); /* make tests deterministic */ data/igraph-0.8.3+ds/examples/simple/igraph_layout_mds.c:36:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(42); /* make tests deterministic */ data/igraph-0.8.3+ds/examples/simple/igraph_sparsemat2.c:174:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(1); data/igraph-0.8.3+ds/src/gengraph_powerlaw.cpp:23:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define my_random() random() data/igraph-0.8.3+ds/examples/simple/assortativity.c:43:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). karate = fopen("karate.gml", "r"); data/igraph-0.8.3+ds/examples/simple/assortativity.c:57:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). neural = fopen("celegansneural.gml", "r"); data/igraph-0.8.3+ds/examples/simple/assortativity.c:73:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). karate = fopen("karate.gml", "r"); data/igraph-0.8.3+ds/examples/simple/assortativity.c:88:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). neural = fopen("celegansneural.gml", "r"); data/igraph-0.8.3+ds/examples/simple/assortativity.c:126:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). karate = fopen("karate.gml", "r"); data/igraph-0.8.3+ds/examples/simple/cattr_bool_bug.c:37:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *ifile = fopen("cattr_bool_bug.graphml", "r"); data/igraph-0.8.3+ds/examples/simple/cattributes.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[21]; data/igraph-0.8.3+ds/examples/simple/cattributes.c:166:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("LINKS.NET", "r"); data/igraph-0.8.3+ds/examples/simple/dot.c:32:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("karate.gml", "r"); data/igraph-0.8.3+ds/examples/simple/flow.c:38:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infile = fopen("ak-4102.max", "r"); data/igraph-0.8.3+ds/examples/simple/flow2.c:164:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infile = fopen("ak-4102.max", "r"); data/igraph-0.8.3+ds/examples/simple/foreign.c:33:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("LINKS.NET", "r"); data/igraph-0.8.3+ds/examples/simple/gml.c:32:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("karate.gml", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:80:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("test.gxl", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:99:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ofile = fopen("test2.gxl", "w"); data/igraph-0.8.3+ds/examples/simple/graphml.c:112:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("test.gxl", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:121:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("graphml-default-attrs.xml", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:134:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("graphml-namespace.xml", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:143:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("graphml-lenient.xml", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:152:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("graphml-malformed.xml", "r"); data/igraph-0.8.3+ds/examples/simple/graphml.c:172:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("graphml-hsa05010.xml", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_community_infomap.c:255:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *wikt = fopen("wikti_en_V_syn.elist", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_layout_reingold_tilford.c:34:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("igraph_layout_reingold_tilford.in", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_maximum_bipartite_matching.c:198:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname, "r"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_dl.c:43:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infile = fopen(files[i], "r"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_graphdb.c:31:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("iso_b03_m1000.A00", "rb"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_lgl.c:32:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("igraph_read_graph_lgl-1.lgl", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_lgl.c:45:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("igraph_read_graph_lgl-2.lgl", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_lgl.c:58:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("igraph_read_graph_lgl-2.lgl", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_read_graph_lgl.c:68:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("igraph_read_graph_lgl-3.lgl", "r"); data/igraph-0.8.3+ds/examples/simple/igraph_version.c:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[100]; data/igraph-0.8.3+ds/examples/simple/igraph_version.c:34:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%i.%i.%i", major, minor, subminor); data/igraph-0.8.3+ds/examples/simple/levc-stress.c:40:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *DLFile = fopen("input.dl", "r"); data/igraph-0.8.3+ds/examples/simple/lineendings.c:34:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek1.net", "r"); data/igraph-0.8.3+ds/examples/simple/lineendings.c:43:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek2.net", "r"); data/igraph-0.8.3+ds/examples/simple/lineendings.c:52:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek3.net", "r"); data/igraph-0.8.3+ds/examples/simple/lineendings.c:61:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek4.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek.c:30:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek5.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek.c:42:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("pajek6.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek2.c:34:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen("bipartite.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek_bipartite2.c:96:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("pajek_bip.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek_bipartite2.c:112:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("pajek_bip2.net", "r"); data/igraph-0.8.3+ds/examples/simple/pajek_signed.c:89:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input = fopen("pajek_signed.net", "r"); data/igraph-0.8.3+ds/examples/tests/cattr_bool_bug2.c:14:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* ifile = fopen("cattr_bool_bug2.graphml", "r"); data/igraph-0.8.3+ds/examples/tests/igraph_layout_reingold_tilford_bug_879.c:37:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("igraph_layout_reingold_tilford_bug_879.in", "r"); data/igraph-0.8.3+ds/examples/tests/igraph_layout_reingold_tilford_extended.c:36:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("igraph_layout_reingold_tilford_extended.in", "r"); data/igraph-0.8.3+ds/include/igraph_arpack.h:225:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmat[1]; /* I-standard problem, G-generalized */ data/igraph-0.8.3+ds/include/igraph_arpack.h:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char which[2]; /* LA, SA, LM, SM, BE */ data/igraph-0.8.3+ds/src/AMD/Source/amd_dump.c:32:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen ("debug.amd", "r") ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_check.c:2261:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen ("debug", "r") ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_read.c:1095:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [MAXLINE+1] ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_read.c:1190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [MAXLINE+1] ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_read.c:1258:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [MAXLINE+1] ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer [MAXLINE] ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:50:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cf = fopen (comments, "r") ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s [MAXLINE], *p ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:156:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (s, "%.*g", width, x) ; data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:230:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (s, "%.*g", width, x) ; data/igraph-0.8.3+ds/src/CHOLMOD/Partition/cholmod_metis.c:89:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen ("metisgraph", "w") ; data/igraph-0.8.3+ds/src/COLAMD/Source/colamd.c:920:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *method, data/igraph-0.8.3+ds/src/COLAMD/Source/colamd.c:3177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *method, data/igraph-0.8.3+ds/src/COLAMD/Source/colamd.c:3590:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen ("debug", "r") ; data/igraph-0.8.3+ds/src/NetDataTypes.cpp:63:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(color.pajek_c, "Green"); data/igraph-0.8.3+ds/src/NetDataTypes.h:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pajek_c[20]; data/igraph-0.8.3+ds/src/NetDataTypes.h:205:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[255]; data/igraph-0.8.3+ds/src/NetRoutines.cpp:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[255]; data/igraph-0.8.3+ds/src/NetRoutines.cpp:97:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "%li", i1); data/igraph-0.8.3+ds/src/NetRoutines.cpp:101:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "%li", i2); data/igraph-0.8.3+ds/src/arpack.c:583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sort[2]; data/igraph-0.8.3+ds/src/arpack.c:640:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*values), d, sizeof(igraph_real_t) * nans); data/igraph-0.8.3+ds/src/arpack.c:650:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, i), ptr, sizeof(igraph_real_t) * n); data/igraph-0.8.3+ds/src/arpack.c:666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sort[2]; data/igraph-0.8.3+ds/src/arpack.c:701:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*values, 0, 0), dr, sizeof(igraph_real_t) * nans); data/igraph-0.8.3+ds/src/arpack.c:702:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*values, 0, 1), di, sizeof(igraph_real_t) * nans); data/igraph-0.8.3+ds/src/arpack.c:724:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, vx), v + n * idx, sizeof(igraph_real_t) * n); data/igraph-0.8.3+ds/src/arpack.c:731:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, vx), v + n * idx, sizeof(igraph_real_t) * 2 * n); data/igraph-0.8.3+ds/src/arpack.c:740:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, vx), v + n * idx, sizeof(igraph_real_t) * 2 * n); data/igraph-0.8.3+ds/src/arpack.c:815:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/igraph-0.8.3+ds/src/arpack.c:871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origwhich[2] = { options->which[0], options->which[1] }; data/igraph-0.8.3+ds/src/arpack.c:1126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origwhich[2] = { options->which[0], options->which[1] }; data/igraph-0.8.3+ds/src/arpack.c:1402:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &MATRIX(*vectors, 0, k - 1), &MATRIX(*vectors, 0, j), colsize); data/igraph-0.8.3+ds/src/arpack.c:1411:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &MATRIX(*vectors, 0, k), &MATRIX(*vectors, 0, j), colsize); data/igraph-0.8.3+ds/src/arpack.c:1412:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &MATRIX(*vectors, 0, k - 1), &MATRIX(*vectors, 0, j - 1), colsize); data/igraph-0.8.3+ds/src/bignum.c:46:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char *xbuff[8] = { data/igraph-0.8.3+ds/src/bignum.c:87:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char *dbuff[8] = { data/igraph-0.8.3+ds/src/bignum.c:135:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char *dbuff[8] = { data/igraph-0.8.3+ds/src/bignum.c:186:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char *bbuff[8] = { data/igraph-0.8.3+ds/src/bignum.c:260:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a, b, nlimb * sizeof(limb_t)); data/igraph-0.8.3+ds/src/bliss/defs.cc:30:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/igraph-0.8.3+ds/src/bliss/defs.cc:33:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "Bliss fatal error: "); data/igraph-0.8.3+ds/src/bliss/graph.cc:2076:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* const fp = fopen(filename, "w"); data/igraph-0.8.3+ds/src/bliss/graph.cc:4358:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "w"); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:173:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp=fopen(file,"wb"))==NULL) data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:225:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp=fopen(file,"wb"))==NULL) data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:268:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf,"c "); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:273:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"p edge %d %d\n",g->n,graph_edge_count(g)); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:277:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"n %d %d\n",i+1,g->weights[i]); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:316:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp=fopen(file,"rb"))==NULL) { data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:335:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:337:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[10]; data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:370:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[16]; data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:450:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[10]; data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:526:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/igraph-0.8.3+ds/src/cliquer/reorder.c:101:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new,order,n*sizeof(int)); data/igraph-0.8.3+ds/src/cliquer/set.h:222:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new,s,SET_ARRAY_LENGTH(s)*sizeof(setelement)); data/igraph-0.8.3+ds/src/cliquer/set.h:241:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest,src,SET_ARRAY_LENGTH(src)*sizeof(setelement)); data/igraph-0.8.3+ds/src/clustertool.cpp:457:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char startnode[255]; data/igraph-0.8.3+ds/src/eigen.c:105:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec1, 0, p1), data/igraph-0.8.3+ds/src/eigen.c:115:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec2, 0, p2), data/igraph-0.8.3+ds/src/eigen.c:184:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec, 0, p1), data/igraph-0.8.3+ds/src/eigen.c:194:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec, 0, p2), data/igraph-0.8.3+ds/src/eigen.c:294:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec1, 0, p1), data/igraph-0.8.3+ds/src/eigen.c:304:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, pr), &MATRIX(vec2, 0, p2), data/igraph-0.8.3+ds/src/eigen.c:518:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, w), &MATRIX(tmpvectors, 0, l1), data/igraph-0.8.3+ds/src/eigen.c:523:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&MATRIX(*vectors, 0, w), &MATRIX(tmpvectors2, 0, l2), data/igraph-0.8.3+ds/src/foreign-dl-header.h:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[300]; data/igraph-0.8.3+ds/src/foreign-dl-parser.c:1116:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/igraph-0.8.3+ds/src/foreign-dl-parser.c:1133:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyformat[sizeof yyunexpected data/igraph-0.8.3+ds/src/foreign-dl-parser.c:1307:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/igraph-0.8.3+ds/src/foreign-gml-header.h:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[300]; data/igraph-0.8.3+ds/src/foreign-gml-parser.c:1000:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/igraph-0.8.3+ds/src/foreign-gml-parser.c:1017:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyformat[sizeof yyunexpected data/igraph-0.8.3+ds/src/foreign-gml-parser.c:1216:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/igraph-0.8.3+ds/src/foreign-gml-parser.c:1761:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->s, s, sizeof(char)*len); data/igraph-0.8.3+ds/src/foreign-gml-parser.c:1772:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p->s, s+1, sizeof(char)*(len-2)); data/igraph-0.8.3+ds/src/foreign-graphml.c:803:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->data_char + data_char_new_start, data, data/igraph-0.8.3+ds/src/foreign-graphml.c:1316:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[4096]; data/igraph-0.8.3+ds/src/foreign-graphml.c:1330:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(d, "&"); d += 4; break; data/igraph-0.8.3+ds/src/foreign-graphml.c:1332:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(d, "<"); d += 3; break; data/igraph-0.8.3+ds/src/foreign-graphml.c:1334:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(d, ">"); d += 3; break; data/igraph-0.8.3+ds/src/foreign-graphml.c:1336:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(d, """); d += 5; break; data/igraph-0.8.3+ds/src/foreign-graphml.c:1338:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(d, "'"); d += 5; break; data/igraph-0.8.3+ds/src/foreign-graphml.c:1388:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4096]; data/igraph-0.8.3+ds/src/foreign-lgl-header.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[300]; data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:978:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:995:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyformat[sizeof yyunexpected data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:1169:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/igraph-0.8.3+ds/src/foreign-ncol-header.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[300]; data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:971:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:988:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyformat[sizeof yyunexpected data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:1162:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/igraph-0.8.3+ds/src/foreign-pajek-header.h:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[300]; data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:1332:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:1349:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yyformat[sizeof yyunexpected data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:1523:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yymsgbuf[128]; data/igraph-0.8.3+ds/src/foreign.c:722:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prob[21]; data/igraph-0.8.3+ds/src/foreign.c:736:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[3]; data/igraph-0.8.3+ds/src/foreign.c:1031:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tmp[256]; data/igraph-0.8.3+ds/src/foreign.c:1180:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cname[100]; data/igraph-0.8.3+ds/src/foreign.c:1339:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[100]; data/igraph-0.8.3+ds/src/foreign.c:1382:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[100]; data/igraph-0.8.3+ds/src/foreign.c:2471:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strno[50]; data/igraph-0.8.3+ds/src/foreign.c:2489:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*key, strno, plen * sizeof(char)); data/igraph-0.8.3+ds/src/foreign.c:2841:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char edgeop[3]; data/igraph-0.8.3+ds/src/foreign.c:2868:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(edgeop, "->"); data/igraph-0.8.3+ds/src/foreign.c:2871:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(edgeop, "--"); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_hash.cpp:131:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hc + 2, deg, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_hash.cpp:172:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dd, deg, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:203:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hc + 2, deg, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:240:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(b, deg, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:245:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(deg, b, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:274:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(deg, _hardcopy, sizeof(int)*n); data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:1101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char MODES[3] = {'U', 'A', 'R'}; data/igraph-0.8.3+ds/src/gengraph_graph_molloy_optimized.cpp:1177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char MODES[3] = {'U', 'A', 'R'}; data/igraph-0.8.3+ds/src/glpk_support.c:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message_and_code[4096]; data/igraph-0.8.3+ds/src/hacks.c:41:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result, s, n); data/igraph-0.8.3+ds/src/heap.c:101:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(h->stor_begin, data, (size_t) len * sizeof(igraph_real_t)); data/igraph-0.8.3+ds/src/heap.c:297:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp1, h->stor_begin, (size_t) actual_size * sizeof(igraph_real_t)); data/igraph-0.8.3+ds/src/heap.c:298:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp2, h->index_begin, (size_t) actual_size * sizeof(long int)); data/igraph-0.8.3+ds/src/heap.c:589:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp1, h->stor_begin, (size_t) actual_size * sizeof(igraph_real_t)); data/igraph-0.8.3+ds/src/heap.c:590:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp2, h->index_begin, (size_t) actual_size * sizeof(long int)); data/igraph-0.8.3+ds/src/heap.c:591:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp3, h->index2_begin, (size_t) actual_size * sizeof(long int)); data/igraph-0.8.3+ds/src/igraph_error.c:34:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char igraph_i_errormsg_buffer[500]; data/igraph-0.8.3+ds/src/igraph_error.c:35:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char igraph_i_warningmsg_buffer[500]; data/igraph-0.8.3+ds/src/igraph_strvector.c:200:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sv->data[idx], value, (size_t) len * sizeof(char)); data/igraph-0.8.3+ds/src/igraph_strvector.c:277:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->data[to + i], v->data[begin + i], sizeof(char)*len); data/igraph-0.8.3+ds/src/iterators.c:547:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, sizeof(igraph_vs_t)); data/igraph-0.8.3+ds/src/iterators.c:1387:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, sizeof(igraph_es_t)); data/igraph-0.8.3+ds/src/lsap.c:165:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file, "r"); data/igraph-0.8.3+ds/src/plfit/gss.c:57:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(param, &_defparam, sizeof(*param)); data/igraph-0.8.3+ds/src/plfit/lbfgs.c:249:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(param, &_defparam, sizeof(*param)); data/igraph-0.8.3+ds/src/plfit/plfit.c:70:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(*result, xs, sizeof(double) * n); data/igraph-0.8.3+ds/src/plfit/plfit.c:864:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/igraph-0.8.3+ds/src/progress.c:28:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static IGRAPH_THREAD_LOCAL char igraph_i_progressmsg_buffer[1000]; data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp:142:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "r"); data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp:239:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[32]; data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp:249:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int t = atoi(s); data/igraph-0.8.3+ds/src/sparsemat.c:156:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to->cs->p, from->cs->p, sizeof(int) * (size_t) ne); data/igraph-0.8.3+ds/src/sparsemat.c:157:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to->cs->i, from->cs->i, sizeof(int) * (size_t) (from->cs->nzmax)); data/igraph-0.8.3+ds/src/sparsemat.c:158:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to->cs->x, from->cs->x, sizeof(double) * (size_t) (from->cs->nzmax)); data/igraph-0.8.3+ds/src/sparsemat.c:2804:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*i), A->cs->i, (size_t) nz * sizeof(int)); data/igraph-0.8.3+ds/src/sparsemat.c:2805:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*j), A->cs->p, (size_t) (A->cs->n + 1) * sizeof(int)); data/igraph-0.8.3+ds/src/sparsemat.c:2806:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*x), A->cs->x, (size_t) nz * sizeof(igraph_real_t)); data/igraph-0.8.3+ds/src/sparsemat.c:2811:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*i), A->cs->i, (size_t) nz * sizeof(int)); data/igraph-0.8.3+ds/src/sparsemat.c:2812:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*j), A->cs->p, (size_t) nz * sizeof(int)); data/igraph-0.8.3+ds/src/sparsemat.c:2813:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(VECTOR(*x), A->cs->x, (size_t) nz * sizeof(igraph_real_t)); data/igraph-0.8.3+ds/src/statusbar.c:82:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[300]; data/igraph-0.8.3+ds/src/structural_properties.c:1560:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/igraph-0.8.3+ds/src/vector_ptr.c:457:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v->stor_begin, data, (size_t) length * sizeof(void*)); data/igraph-0.8.3+ds/src/vector_ptr.c:471:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to, v->stor_begin, sizeof(void*) * data/igraph-0.8.3+ds/src/vector_ptr.c:512:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(to->stor_begin, from->stor_begin, data/igraph-0.8.3+ds/examples/simple/igraph_subisomorphic_lad.c:34:19: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. igraph_bool_t equal; data/igraph-0.8.3+ds/examples/simple/igraph_subisomorphic_lad.c:83:11: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (! equal) { data/igraph-0.8.3+ds/examples/simple/igraph_subisomorphic_lad.c:136:11: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (! equal) { data/igraph-0.8.3+ds/examples/simple/igraph_version.c:36:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(string, tmp, strlen(tmp))) { data/igraph-0.8.3+ds/src/CHOLMOD/Check/cholmod_write.c:210:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen (s) ; data/igraph-0.8.3+ds/src/attributes.c:432:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) == 0) { data/igraph-0.8.3+ds/src/bliss/graph.cc:2194:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = getc(fp); data/igraph-0.8.3+ds/src/bliss/graph.cc:2198:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((c = getc(fp)) != '\n') data/igraph-0.8.3+ds/src/bliss/graph.cc:2253:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = getc(fp); data/igraph-0.8.3+ds/src/bliss/graph.cc:3481:7: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(!is_permutation(get_nof_vertices(), perm)) data/igraph-0.8.3+ds/src/bliss/graph.cc:3524:46: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(!(perm.size() == get_nof_vertices() and is_permutation(perm))) data/igraph-0.8.3+ds/src/bliss/graph.cc:4033:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/igraph-0.8.3+ds/src/bliss/graph.cc:4037:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((c = getc(fp)) != '\n') data/igraph-0.8.3+ds/src/bliss/graph.cc:4094:11: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(fp); data/igraph-0.8.3+ds/src/bliss/graph.cc:4321:7: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(!is_permutation(get_nof_vertices(), perm)) data/igraph-0.8.3+ds/src/bliss/graph.cc:5269:7: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(!is_permutation(get_nof_vertices(), perm)) data/igraph-0.8.3+ds/src/bliss/graph.cc:5303:46: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if(!(perm.size() == get_nof_vertices() and is_permutation(perm))) data/igraph-0.8.3+ds/src/bliss/utils.cc:95:1: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. is_permutation(const unsigned int N, const unsigned int* perm) data/igraph-0.8.3+ds/src/bliss/utils.cc:109:1: [1] (buffer) is_permutation: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. is_permutation(const std::vector<unsigned int>& perm) data/igraph-0.8.3+ds/src/cattributes.c:1304:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(tmp); data/igraph-0.8.3+ds/src/cattributes.c:1315:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(tmp); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:245:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (headerlength+strlen(s) >= headersize) { \ data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:249:1: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(header,s,1000); \ data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:250:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headerlength+=strlen(s); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:269:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(buf,comment,1000); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:270:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"\n"); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:282:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(fp,"%d\n",(int)strlen(header)); data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:347:6: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(buffer," %d %2s",&n,tmp)!=1) { data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:372:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<strlen(str); i++) { data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:376:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i>=strlen(str)) /* blank line */ data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:387:7: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(str," p %15s %d %d %2s",tmp,&(g->n),&i,tmp)!=3) data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:401:7: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(str," n %d %d %2s",&i,&w,tmp)!=2) data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:412:7: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(str," e %d %d %2s",&i,&j,tmp)!=2) data/igraph-0.8.3+ds/src/cliquer/cliquer_graph.c:452:6: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if (sscanf(firstline," %d %2s",&length,tmp)!=1) data/igraph-0.8.3+ds/src/foreign-dl-lexer.c:765:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/igraph-0.8.3+ds/src/foreign-dl-lexer.c:1821:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return igraph_dl_yy_scan_bytes(yystr,strlen(yystr) ,yyscanner); data/igraph-0.8.3+ds/src/foreign-dl-parser.c:997:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/igraph-0.8.3+ds/src/foreign-gml-lexer.c:669:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/igraph-0.8.3+ds/src/foreign-gml-lexer.c:1641:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return igraph_gml_yy_scan_bytes(yystr,strlen(yystr) ,yyscanner); data/igraph-0.8.3+ds/src/foreign-gml-parser.c:881:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/igraph-0.8.3+ds/src/foreign-graphml.c:794:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data_char_new_start = (long int) strlen(state->data_char); data/igraph-0.8.3+ds/src/foreign-lgl-lexer.c:655:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/igraph-0.8.3+ds/src/foreign-lgl-lexer.c:1600:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return igraph_lgl_yy_scan_bytes(yystr,strlen(yystr) ,yyscanner); data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:859:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/igraph-0.8.3+ds/src/foreign-lgl-parser.c:1690:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, str, length); data/igraph-0.8.3+ds/src/foreign-ncol-lexer.c:655:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/igraph-0.8.3+ds/src/foreign-ncol-lexer.c:1595:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return igraph_ncol_yy_scan_bytes(yystr,strlen(yystr) ,yyscanner); data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:852:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/igraph-0.8.3+ds/src/foreign-ncol-parser.c:1679:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, str, length); data/igraph-0.8.3+ds/src/foreign-pajek-lexer.c:774:14: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ data/igraph-0.8.3+ds/src/foreign-pajek-lexer.c:2056:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return igraph_pajek_yy_scan_bytes(yystr,strlen(yystr) ,yyscanner); data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:1213:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:2591:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, str, length); data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:2694:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, value, len); data/igraph-0.8.3+ds/src/foreign-pajek-parser.c:2721:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, value, len); data/igraph-0.8.3+ds/src/foreign.c:90:13: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc (instream); data/igraph-0.8.3+ds/src/foreign.c:95:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/igraph-0.8.3+ds/src/foreign.c:100:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 1) { data/igraph-0.8.3+ds/src/foreign.c:104:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 1) { data/igraph-0.8.3+ds/src/foreign.c:112:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc (instream); data/igraph-0.8.3+ds/src/foreign.c:735:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read; data/igraph-0.8.3+ds/src/foreign.c:744:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 1) { data/igraph-0.8.3+ds/src/foreign.c:761:20: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. read = fscanf(instream, "%20s %li %li", prob, data/igraph-0.8.3+ds/src/foreign.c:763:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 3) { data/igraph-0.8.3+ds/src/foreign.c:798:24: [1] (buffer) fscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. read = fscanf(instream, "%li %1s", &tmp, str); data/igraph-0.8.3+ds/src/foreign.c:833:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 3) { data/igraph-0.8.3+ds/src/foreign.c:850:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 2) { data/igraph-0.8.3+ds/src/foreign.c:862:47: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (!feof(instream) && (c = (char) getc(instream)) != '\n') ; data/igraph-0.8.3+ds/src/foreign.c:884:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). b1 = fgetc(instream); data/igraph-0.8.3+ds/src/foreign.c:885:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). b2 = fgetc(instream); data/igraph-0.8.3+ds/src/foreign.c:2472:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t i, len = strlen(orig), newlen = 0, plen = 0; data/igraph-0.8.3+ds/src/foreign.c:2478:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plen = newlen = strlen(strno); data/igraph-0.8.3+ds/src/foreign.c:2569:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). timestr[strlen(timestr) - 1] = '\0'; /* nicely remove \n */ data/igraph-0.8.3+ds/src/foreign.c:2746:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). long int i, j, len = (long int) strlen(orig), newlen = 0; data/igraph-0.8.3+ds/src/hacks.c:38:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t n = strlen(s) + 1; data/igraph-0.8.3+ds/src/hacks.c:52:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return result + strlen(s1); data/igraph-0.8.3+ds/src/igraph_hashtable.c:91:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, elem, elemlen); data/igraph-0.8.3+ds/src/igraph_strvector.c:152:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sv->data[idx] = igraph_Calloc(strlen(value) + 1, char); data/igraph-0.8.3+ds/src/igraph_strvector.c:157:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *tmp = igraph_Realloc(sv->data[idx], strlen(value) + 1, char); data/igraph-0.8.3+ds/src/igraph_strvector.c:275:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(v->data[begin + i]) + 1; data/igraph-0.8.3+ds/src/igraph_strvector.c:495:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v->data[s] = igraph_Calloc(strlen(value) + 1, char); data/igraph-0.8.3+ds/src/igraph_trie.c:350:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, key, length); data/igraph-0.8.3+ds/src/lsap.c:190:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(f); data/igraph-0.8.3+ds/src/plfit/arithmetic_sse_double.h:52:22: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. void *memblock = memalign(16, size); data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp:236:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (getc(f) != '\n'); data/igraph-0.8.3+ds/src/prpack/prpack_base_graph.cpp:244:24: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). s[i] = getc(f); data/igraph-0.8.3+ds/src/walktrap_graph.cpp:233:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m += strlen(index[i]) + 1; ANALYSIS SUMMARY: Hits = 350 Lines analyzed = 272382 in approximately 10.97 seconds (24820 lines/second) Physical Source Lines of Code (SLOC) = 165876 Hits@level = [0] 1369 [1] 87 [2] 201 [3] 5 [4] 57 [5] 0 Hits@level+ = [0+] 1719 [1+] 350 [2+] 263 [3+] 62 [4+] 57 [5+] 0 Hits/KSLOC@level+ = [0+] 10.3632 [1+] 2.11001 [2+] 1.58552 [3+] 0.373773 [4+] 0.34363 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.