Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/kallisto-0.46.2+dfsg/src/BUSData.cpp
Examining data/kallisto-0.46.2+dfsg/src/BUSData.h
Examining data/kallisto-0.46.2+dfsg/src/BUSTools.cpp
Examining data/kallisto-0.46.2+dfsg/src/BUSTools.h
Examining data/kallisto-0.46.2+dfsg/src/Bootstrap.cpp
Examining data/kallisto-0.46.2+dfsg/src/Bootstrap.h
Examining data/kallisto-0.46.2+dfsg/src/EMAlgorithm.h
Examining data/kallisto-0.46.2+dfsg/src/Fusion.hpp
Examining data/kallisto-0.46.2+dfsg/src/GeneModel.cpp
Examining data/kallisto-0.46.2+dfsg/src/GeneModel.h
Examining data/kallisto-0.46.2+dfsg/src/H5Writer.cpp
Examining data/kallisto-0.46.2+dfsg/src/H5Writer.h
Examining data/kallisto-0.46.2+dfsg/src/Kmer.cpp
Examining data/kallisto-0.46.2+dfsg/src/Kmer.hpp
Examining data/kallisto-0.46.2+dfsg/src/KmerHashTable.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIndex.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIterator.cpp
Examining data/kallisto-0.46.2+dfsg/src/KmerIterator.hpp
Examining data/kallisto-0.46.2+dfsg/src/Merge.cpp
Examining data/kallisto-0.46.2+dfsg/src/Merge.h
Examining data/kallisto-0.46.2+dfsg/src/MinCollector.cpp
Examining data/kallisto-0.46.2+dfsg/src/MinCollector.h
Examining data/kallisto-0.46.2+dfsg/src/Multinomial.hpp
Examining data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp
Examining data/kallisto-0.46.2+dfsg/src/PlaintextWriter.h
Examining data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp
Examining data/kallisto-0.46.2+dfsg/src/PseudoBam.h
Examining data/kallisto-0.46.2+dfsg/src/common.cpp
Examining data/kallisto-0.46.2+dfsg/src/common.h
Examining data/kallisto-0.46.2+dfsg/src/h5utils.cpp
Examining data/kallisto-0.46.2+dfsg/src/h5utils.h
Examining data/kallisto-0.46.2+dfsg/src/hash.cpp
Examining data/kallisto-0.46.2+dfsg/src/hash.hpp
Examining data/kallisto-0.46.2+dfsg/src/main.cpp
Examining data/kallisto-0.46.2+dfsg/src/weights.cpp
Examining data/kallisto-0.46.2+dfsg/src/weights.h
Examining data/kallisto-0.46.2+dfsg/src/Inspect.h
Examining data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp
Examining data/kallisto-0.46.2+dfsg/src/ProcessReads.h
Examining data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/main.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_index.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_multinomial.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_weights.cpp
Examining data/kallisto-0.46.2+dfsg/unit_tests/test_kmerhashtable.cpp

FINAL RESULTS:

data/kallisto-0.46.2+dfsg/src/h5utils.cpp:20:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ptr, v[i].c_str());
data/kallisto-0.46.2+dfsg/src/main.cpp:68:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:119:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:196:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:329:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:413:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:499:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:570:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc,argv,opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/main.cpp:765:9:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  c = getopt_long(argc, argv, opt_string, long_options, &option_index);
data/kallisto-0.46.2+dfsg/src/EMAlgorithm.h:217:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(out_fname, std::ios::out);
data/kallisto-0.46.2+dfsg/src/Inspect.h:289:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(gfa);
data/kallisto-0.46.2+dfsg/src/Inspect.h:361:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(bed);
data/kallisto-0.46.2+dfsg/src/Kmer.cpp:477:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_K];
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:625:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(index_out, std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:790:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  in.open(index_in, std::ios::in | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/MinCollector.cpp:249:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ecof.open(ecfilename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/MinCollector.cpp:268:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  countsof.open(countsfilename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:38:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open( out_name );
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:105:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open( out_name );
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:184:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ecof.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:216:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  cellsof.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:231:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.cpp:244:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/PlaintextWriter.h:75:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open(filename.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:212:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of.open(outfile.c_str(), std::ios::out);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:628:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  pseudobatchf_in.open(opt.output + "/pseudoaln.bin", std::ios::in | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1327:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bc_len[0], &o.bc_len[0], 33);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1328:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&umi_len[0], &o.umi_len[0], 33);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1387:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[100];
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1454:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(umi, s[busopt.umi.fileno] + busopt.umi.start, umilen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1470:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(bc+blen, s[bcc.fileno] + bcc.start, bclen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1856:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1.data + b1.l_data + 3, &nmap, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1863:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1.data + b1.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1873:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2.data + b2.l_data + 3, &nmap, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1880:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2.data + b2.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1963:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1c.data, b1.data, b1c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:1970:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2c.data, b2.data, b2c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2016:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1c.data + b1c.l_data - 4, &prob, 4); // set ZW tag
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2033:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2c.data + b2c.l_data - 4, &prob, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2200:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1.data + b1.l_data + 3, bc.c_str(), bclen+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2207:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1.data + b1.l_data + 3, umi.c_str(), umilen+2);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2298:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1.data + b1.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2306:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2.data + b2.l_data + 3, &zero, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2428:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1c.data, b1.data, b1c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2437:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2c.data, b2.data, b2c.m_data*sizeof(uint8_t));
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2472:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b1c.data + b1c.l_data - 4, &prob, 4); // set ZW tag
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2483:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(b2c.data + b2c.l_data - 4, &prob, 4);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2600:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(bf, b.data, b.m_data);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2715:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, name, nlen);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2871:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f_umi->open(umi_files[current_file]);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2899:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pi, seq[i]->seq.s, l[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2905:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pi, seq[i]->qual.s,l[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:2909:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pi, seq[i]->name.s, nl[i]+1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:3014:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pi, bc, l_bc);
data/kallisto-0.46.2+dfsg/src/ProcessReads.cpp:3015:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pi + l_bc, umi, l_umi + 1);
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:195:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ofusion.open(opt.output + "/fusion.txt");
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:199:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  pseudobatchf_out.open(opt.output + "/pseudoaln.bin", std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/ProcessReads.h:202:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  busf_out.open(opt.output + "/output.bus", std::ios::out | std::ios::binary);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:62:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf1[32768];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:63:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf2[32768];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:64:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cig_[1000];
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:369:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cig, "%dS%dM%dS",softclip, (length-overhang - softclip), overhang);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:371:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cig, "%dS%dM",softclip,length-softclip);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:374:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cig, "%dM%dS", length-overhang, overhang);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:376:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cig, "%dM",length);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:427:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bb[7];
data/kallisto-0.46.2+dfsg/src/h5utils.cpp:85:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, ptr, size);
data/kallisto-0.46.2+dfsg/src/main.cpp:1991:32:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  std::FILE* fp = std::fopen((opt.output + "/output.bus").c_str(), "r+b");
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:693:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_size = strlen(tid.c_str());
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:708:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp_size = strlen(contig.seq.c_str());
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:800:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&header_version, sizeof(header_version));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:809:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&k, sizeof(k));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:824:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&num_trans, sizeof(num_trans));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:832:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tlen, sizeof(tlen));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:838:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&kmap_size, sizeof(kmap_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:855:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_kmer, sizeof(tmp_kmer));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:856:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_val, sizeof(tmp_val));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:865:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&ecmap_size, sizeof(ecmap_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:875:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_id, sizeof(tmp_id));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:878:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&vec_size, sizeof(vec_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:884:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_ecval, sizeof(tmp_ecval));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:901:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:912:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read(buffer, tmp_size);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:921:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&contig_size, sizeof(contig_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:926:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&c.id, sizeof(c.id));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:927:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&c.length, sizeof(c.length));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:928:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:937:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read(buffer, tmp_size);
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:941:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&tmp_size, sizeof(tmp_size));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:947:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.trid, sizeof(info.trid));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:948:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.pos, sizeof(info.pos));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:949:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.sense, sizeof(info.sense));
data/kallisto-0.46.2+dfsg/src/KmerIndex.cpp:961:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char *)&tmp_ec, sizeof(tmp_ec));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:14:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->l_text = (uint32_t) strlen(h->text);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:40:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->l_text = (uint32_t) strlen(h->text);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:379:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(cig, "*");
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:429:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read(&bb[0], 6);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:432:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&(batch.batch_id), sizeof(int32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:434:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&bsz, sizeof(uint32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:438:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.id, sizeof(info.id));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:440:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&flag, 1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:445:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&k1,1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:446:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&k2,1);
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:449:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.ec_id, sizeof(int32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:450:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.barcode, sizeof(uint64_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:451:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&info.UMI, sizeof(uint64_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:454:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&sz, sizeof(uint32_t));
data/kallisto-0.46.2+dfsg/src/PseudoBam.cpp:458:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  in.read((char*)&tmp, sizeof(tmp));

ANALYSIS SUMMARY:

Hits = 108
Lines analyzed = 14227 in approximately 0.37 seconds (38880 lines/second)
Physical Source Lines of Code (SLOC) = 10468
Hits@level = [0]   1 [1]  40 [2]  59 [3]   8 [4]   1 [5]   0
Hits@level+ = [0+] 109 [1+] 108 [2+]  68 [3+]   9 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 10.4127 [1+] 10.3172 [2+] 6.49599 [3+] 0.859763 [4+] 0.0955292 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.