Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kallisto-0.46.2+dfsg/src/BUSData.cpp
Examining data/kallisto-0.46.2+dfsg/src/BUSData.h
Examining data/kallisto-0.46.2+dfsg/src/BUSTools.cpp
Examining data/kallisto-0.46.2+dfsg/src/BUSTools.h
Examining data/kallisto-0.46.2+dfsg/src/Bootstrap.cpp
Examining data/kallisto-0.46.2+dfsg/src/Bootstrap.h
Examining data/kallisto-0.46.2+dfsg/src/EMAlgorithm.h
Examining data/kallisto-0.46.2+dfsg/src/Fusion.hpp
Examining data/kallisto-0.46.2+dfsg/src/GeneModel.cpp
Examining data/kallisto-0.46.2+dfsg/src/GeneModel.h
Examining data/kallisto-0.46.2+dfsg/src/H5Writer.cpp
Examining data/kallisto-0.46.2+dfsg/src/H5Writer.h
Examining data/kallisto-0.46.2+dfsg/src/Kmer.cpp
Examining data/kallisto-0.46.2+dfsg/src/Kmer.hpp
Examining data/kallisto-0.46.2+dfsg/src/KmerHashTable.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIndex.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIterator.cpp
Examining data/kallisto-0.46.2+dfsg/src/KmerIterator.hpp
Examining data/kallisto-0.46.2+dfsg/src/Merge.cpp
Examining data/kallisto-0.46.2+dfsg/src/Merge.h
Examining data/kallisto-0.46.2+dfsg/src/MinCollector.cpp
Examining data/kallisto-0.46.2+dfsg/src/MinCollector.h
Examining data/kallisto-0.46.2+dfsg/src/Multinomial.hpp
Examining data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp
Examining data/kallisto-0.46.2+dfsg/src/PlaintextWriter.h
Examining data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp
Examining data/kallisto-0.46.2+dfsg/src/PseudoBam.h
Examining data/kallisto-0.46.2+dfsg/src/common.cpp
Examining data/kallisto-0.46.2+dfsg/src/common.h
Examining data/kallisto-0.46.2+dfsg/src/h5utils.cpp
Examining data/kallisto-0.46.2+dfsg/src/h5utils.h
Examining data/kallisto-0.46.2+dfsg/src/hash.cpp
Examining data/kallisto-0.46.2+dfsg/src/hash.hpp
Examining data/kallisto-0.46.2+dfsg/src/main.cpp
Examining data/kallisto-0.46.2+dfsg/src/weights.cpp
Examining data/kallisto-0.46.2+dfsg/src/weights.h
Examining data/kallisto-0.46.2+dfsg/src/Inspect.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp
Examining data/kallisto-0.46.2+dfsg/src/ProcessReads.h
Examining data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/main.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_index.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_multinomial.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_weights.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_kmerhashtable.cpp

FINAL RESULTS:

data/kallisto-0.46.2+dfsg/src/h5utils.cpp:20:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(ptr, v[i].c_str());
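The single [4] hit above is the classic form flawfinder ranks highest: a loop that copies each element of a std::vector<std::string> into a raw buffer with strcpy, so nothing compares the string's length with the space still free in the destination. The block below is an added illustration, not code from kallisto's h5utils.cpp (only the one reported line is visible, so the surrounding function is reconstructed as an assumption): the unchecked shape beside a hardened form that sizes the buffer first and bounds every copy.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Shape of the flagged call, reconstructed from the one reported line only
// (not h5utils.cpp itself): every string is copied into a buffer whose
// remaining capacity is never compared with the string's length.
void pack_strings_unchecked(const std::vector<std::string>& v, char* dst) {
    char* ptr = dst;
    for (std::size_t i = 0; i < v.size(); ++i) {
        std::strcpy(ptr, v[i].c_str());   // the [4] (buffer) strcpy hit
        ptr += v[i].size() + 1;
    }
}

// Bytes the packed form needs: each string plus its NUL terminator.
// Lets the caller allocate exactly once instead of guessing a size.
std::size_t packed_size(const std::vector<std::string>& v) {
    std::size_t total = 0;
    for (const std::string& s : v) total += std::strlen(s.c_str()) + 1;
    return total;
}

// Hardened form: same layout, but each copy is checked against the
// capacity still free in dst. Returns bytes written, or 0 when the strings
// do not fit; dst is never written past dst + cap.
std::size_t pack_strings(const std::vector<std::string>& v, char* dst, std::size_t cap) {
    std::size_t used = 0;
    for (const std::string& s : v) {
        std::size_t n = std::strlen(s.c_str()) + 1;   // exactly what strcpy would copy
        if (n > cap - used) return 0;                 // the check strcpy lacks
        std::memcpy(dst + used, s.c_str(), n);
        used += n;
    }
    return used;
}

int main() {
    std::vector<std::string> v = {"abc", "de", ""};   // constructed sample input
    char buf[8];
    std::size_t n = pack_strings(v, buf, sizeof buf);
    std::printf("packed %zu bytes (needed %zu)\n", n, packed_size(v));
    char small[7];
    std::printf("into 7 bytes: %zu (0 = refused)\n", pack_strings(v, small, sizeof small));
    return 0;
}
```

The strlen(c_str()) rather than size() mirrors what strcpy actually copies: a std::string holding an embedded NUL is truncated at that NUL by either routine, which is a second thing to check when this table feeds a fixed-width HDF5 string type.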
data/kallisto-0.46.2+dfsg/src/main.cpp:68:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:119:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:196:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:329:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:413:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:499:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:570:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:765:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    c = getopt_long(argc, argv, opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/EMAlgorithm.h:217:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    out.open(out_fname, std::ios::out);
data/kallisto-0.46.2+dfsg/src/Inspect.h:289:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    out.open(gfa);
data/kallisto-0.46.2+dfsg/src/Inspect.h:361:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    out.open(bed);
data/kallisto-0.46.2+dfsg/src/Kmer.cpp:477:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[MAX_K];
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:625:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(index_out, std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:790:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  in.open(index_in, std::ios::in | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/MinCollector.cpp:249:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  ecof.open(ecfilename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/MinCollector.cpp:268:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  countsof.open(countsfilename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:38:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open( out_name );
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:105:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open( out_name );
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:184:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    ecof.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:216:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    cellsof.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:231:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:244:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.h:75:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:212:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    of.open(outfile.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:628:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  pseudobatchf_in.open(opt.output + "/pseudoaln.bin", std::ios::in | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1327:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&bc_len[0], &o.bc_len[0], 33);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1328:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&umi_len[0], &o.umi_len[0], 33);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1387:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[100];
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1454:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(umi, s[busopt.umi.fileno] + busopt.umi.start, umilen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1470:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(bc+blen, s[bcc.fileno] + bcc.start, bclen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1856:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(b1.data + b1.l_data + 3, &nmap, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1863:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(b1.data + b1.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1873:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(b2.data + b2.l_data + 3, &nmap, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1880:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(b2.data + b2.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1963:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(b1c.data, b1.data, b1c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1970:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(b2c.data, b2.data, b2c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2016:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(b1c.data + b1c.l_data - 4, &prob, 4); // set ZW tag           
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2033:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(b2c.data + b2c.l_data - 4, &prob, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2200:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(b1.data + b1.l_data + 3, bc.c_str(), bclen+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2207:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(b1.data + b1.l_data + 3, umi.c_str(), umilen+2);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2298:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(b1.data + b1.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2306:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(b2.data + b2.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2428:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(b1c.data, b1.data, b1c.m_data*sizeof(uint8_t));          
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2437:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(b2c.data, b2.data, b2c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2472:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(b1c.data + b1c.l_data - 4, &prob, 4); // set ZW tag
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2483:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(b2c.data + b2c.l_data - 4, &prob, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2600:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bf, b.data, b.m_data);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2715:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, name, nlen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2871:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          f_umi->open(umi_files[current_file]);  
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2899:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(pi, seq[i]->seq.s, l[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2905:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(pi, seq[i]->qual.s,l[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2909:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(pi, seq[i]->name.s, nl[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:3014:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(pi, bc, l_bc);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:3015:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(pi + l_bc, umi, l_umi + 1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:195:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        ofusion.open(opt.output + "/fusion.txt");
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:199:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        pseudobatchf_out.open(opt.output + "/pseudoaln.bin", std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:202:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        busf_out.open(opt.output + "/output.bus", std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:62:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf1[32768];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:63:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf2[32768];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:64:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char cig_[1000];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:369:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cig, "%dS%dM%dS",softclip, (length-overhang - softclip), overhang);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:371:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cig, "%dS%dM",softclip,length-softclip);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:374:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(cig, "%dM%dS", length-overhang, overhang);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:376:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(cig, "%dM",length);
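Flawfinder marks the four sprintf hits above low-risk because every argument is an int, so the output has a constant maximum length; with cig_ declared as 1000 bytes that is correct. The block below is an added example, not kallisto's PseudoBam.cpp, that makes the bound explicit and builds the same CIGAR strings with snprintf and a checked return value. The function signature (softclip, match, overhang passed directly) and the buffer sizes are this example's own choices.

```cpp
#include <climits>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <limits>

// Widest text %d can produce: digits10 (9 for a 32-bit int) + 1 for the
// extra leading digit + 1 for the sign = 11, i.e. "-2147483648".
constexpr std::size_t kIntChars = std::numeric_limits<int>::digits10 + 2;
// Three numbers, three operation letters, one NUL: 37 bytes cover every
// possible input. This is the "constant maximum length" the hits refer to.
constexpr std::size_t kCigarMax = 3 * kIntChars + 3 + 1;

// Writes "<s>S<m>M<o>S", dropping a soft-clip part when it is zero, as the
// flagged branches do. Returns the length written, or 0 if cap is too
// small: snprintf never writes past cap bytes, always NUL-terminates when
// cap > 0, and its return value reveals the truncation.
std::size_t build_cigar(char* cig, std::size_t cap, int softclip, int match, int overhang) {
    int n;
    if (softclip > 0 && overhang > 0)
        n = std::snprintf(cig, cap, "%dS%dM%dS", softclip, match, overhang);
    else if (softclip > 0)
        n = std::snprintf(cig, cap, "%dS%dM", softclip, match);
    else if (overhang > 0)
        n = std::snprintf(cig, cap, "%dM%dS", match, overhang);
    else
        n = std::snprintf(cig, cap, "%dM", match);
    if (n < 0 || static_cast<std::size_t>(n) >= cap) return 0;   // error or truncated
    return static_cast<std::size_t>(n);
}

int main() {
    char cig[kCigarMax];
    std::size_t n = build_cigar(cig, sizeof cig, 5, 90, 5);
    std::printf("%zu bytes: \"%s\"\n", n, cig);
    // Worst case still fits: INT_MAX clips around an INT_MIN match length.
    n = build_cigar(cig, sizeof cig, INT_MAX, INT_MIN, INT_MAX);
    std::printf("worst case %zu of %zu bytes\n", n, kCigarMax - 1);
    char tiny[8];
    std::printf("8-byte buffer: %zu (0 = truncated, still NUL-terminated)\n",
                build_cigar(tiny, sizeof tiny, INT_MAX, INT_MAX, INT_MAX));
    return 0;
}
```

Deriving kCigarMax from numeric_limits rather than writing 37 keeps the bound honest if int is ever wider, and the return-value check turns a silent truncation into an error the caller can see.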
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:427:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char bb[7];
data/kallisto-0.46.2+dfsg/src/h5utils.cpp:85:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, ptr, size);
data/kallisto-0.46.2+dfsg/src/main.cpp:1991:32:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          std::FILE* fp = std::fopen((opt.output + "/output.bus").c_str(), "r+b");
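Every open/fopen hit in this report carries the same CWE-362 note, and they all follow one pattern: a path under a user-supplied output directory (opt.output + "/output.bus" and the like) is opened with std::ofstream or fopen, which follows symlinks and silently reuses whatever already exists at that path. The block below is an added example, not kallisto's code, of creating an output file so that a planted symlink or pre-existing file is refused, and of reopening an existing file read/write (the fopen "r+b" case) while rejecting anything that is not a regular file. It assumes a POSIX (Linux) host; the temp directory, file names and checks are this example's own.

```cpp
#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

// Creates `path` for writing. O_EXCL: fail if anything, a symlink
// included, already exists there, so a pre-planted file is never reused.
// O_NOFOLLOW: never follow a symlink at the final component. O_CLOEXEC:
// do not leak the descriptor into child processes. Mode 0600 keeps the
// file private until the owner decides otherwise. Returns the fd or -1.
int create_output_exclusive(const std::string& path) {
    return ::open(path.c_str(), O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

// Reopens an existing output for read/write and rejects symlinks, FIFOs
// and device files. fstat on the already-open descriptor (not stat on the
// path) means nothing can be swapped between the check and the use.
std::FILE* open_regular_rw(const std::string& path) {
    int fd = ::open(path.c_str(), O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return nullptr;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { ::close(fd); return nullptr; }
    std::FILE* fp = ::fdopen(fd, "r+b");
    if (!fp) ::close(fd);
    return fp;
}

// Self-check in a fresh temp directory: the first create succeeds, a
// second create of the same path fails with EEXIST, and a symlink planted
// at another name is refused by both routines. Returns true if all hold.
bool demo_output_open() {
    char dir[] = "/tmp/ff_open_XXXXXX";
    if (!mkdtemp(dir)) return false;
    std::string out = std::string(dir) + "/output.bus";     // constructed paths
    std::string lnk = std::string(dir) + "/planted.bus";
    bool ok = true;
    int fd = create_output_exclusive(out);
    ok = ok && fd >= 0;
    if (fd >= 0) ::close(fd);
    ok = ok && create_output_exclusive(out) < 0 && errno == EEXIST;   // no silent reuse
    ok = ok && ::symlink(out.c_str(), lnk.c_str()) == 0;
    ok = ok && create_output_exclusive(lnk) < 0;                        // symlink: refused
    std::FILE* fp = open_regular_rw(out);
    ok = ok && fp != nullptr;
    if (fp) std::fclose(fp);
    ok = ok && open_regular_rw(lnk) == nullptr;                         // O_NOFOLLOW rejects it
    ::unlink(lnk.c_str()); ::unlink(out.c_str()); ::rmdir(dir);
    return ok;
}

int main() {
    std::printf("exclusive create + no-follow checks: %s\n", demo_output_open() ? "ok" : "FAILED");
    return 0;
}
```

Two caveats a practitioner should weigh before adopting this. O_EXCL changes behaviour: rerunning into the same output directory now fails instead of overwriting, so the caller must decide whether to remove stale outputs first. And O_NOFOLLOW only covers the final path component; where the "control its ancestors" part of the note applies (an output directory writable by other users), open the directory once with O_DIRECTORY and create files through openat() on that descriptor.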
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:693:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp_size = strlen(tid.c_str());
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:708:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      tmp_size = strlen(contig.seq.c_str());
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:800:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&header_version, sizeof(header_version));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:809:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&k, sizeof(k));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:824:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&num_trans, sizeof(num_trans));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:832:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tlen, sizeof(tlen));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:838:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&kmap_size, sizeof(kmap_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:855:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_kmer, sizeof(tmp_kmer));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:856:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_val, sizeof(tmp_val));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:865:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&ecmap_size, sizeof(ecmap_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:875:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_id, sizeof(tmp_id));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:878:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&vec_size, sizeof(vec_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:884:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char *)&tmp_ecval, sizeof(tmp_ecval));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:901:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:912:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read(buffer, tmp_size);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:921:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char *)&contig_size, sizeof(contig_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:926:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&c.id, sizeof(c.id));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:927:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&c.length, sizeof(c.length));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:928:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:937:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read(buffer, tmp_size);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:941:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:947:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)&info.trid, sizeof(info.trid));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:948:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)&info.pos, sizeof(info.pos));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:949:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)&info.sense, sizeof(info.sense));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:961:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char *)&tmp_ec, sizeof(tmp_ec));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:14:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->l_text = (uint32_t) strlen(h->text);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:40:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->l_text = (uint32_t) strlen(h->text);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:379:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(cig, "*");
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:429:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read(&bb[0], 6);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:432:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&(batch.batch_id), sizeof(int32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:434:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  in.read((char*)&bsz, sizeof(uint32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:438:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&info.id, sizeof(info.id));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:440:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&flag, 1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:445:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&k1,1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:446:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&k2,1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:449:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&info.ec_id, sizeof(int32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:450:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&info.barcode, sizeof(uint64_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:451:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    in.read((char*)&info.UMI, sizeof(uint64_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:454:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      in.read((char*)&sz, sizeof(uint32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:458:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        in.read((char*)&tmp, sizeof(tmp));

ANALYSIS SUMMARY:

Hits = 108
Lines analyzed = 14227 in approximately 0.37 seconds (38880 lines/second)
Physical Source Lines of Code (SLOC) = 10468
Hits@level = [0]   1 [1]  40 [2]  59 [3]   8 [4]   1 [5]   0
Hits@level+ = [0+] 109 [1+] 108 [2+]  68 [3+]   9 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 10.4127 [1+] 10.3172 [2+] 6.49599 [3+] 0.859763 [4+] 0.0955292 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.