Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mustang-3.2.3/src/init_routines.h
Examining data/mustang-3.2.3/src/upgma.cpp
Examining data/mustang-3.2.3/src/jacobi.cpp
Examining data/mustang-3.2.3/src/superpose_2.cpp
Examining data/mustang-3.2.3/src/upgma.h
Examining data/mustang-3.2.3/src/extended_lib_gen.h
Examining data/mustang-3.2.3/src/superpose_weightedRMS.h
Examining data/mustang-3.2.3/src/pairwise_global_structalgn.h
Examining data/mustang-3.2.3/src/macros.h
Examining data/mustang-3.2.3/src/refine_pairalgn_2.cpp
Examining data/mustang-3.2.3/src/superpose_on_core.h
Examining data/mustang-3.2.3/src/sse_RK.h
Examining data/mustang-3.2.3/src/multiple_superposition.h
Examining data/mustang-3.2.3/src/globals.cpp
Examining data/mustang-3.2.3/src/alloc_routines.h
Examining data/mustang-3.2.3/src/ew.h
Examining data/mustang-3.2.3/src/distmat.cpp
Examining data/mustang-3.2.3/src/merge_global_local_libs.h
Examining data/mustang-3.2.3/src/neighbour_joining.h
Examining data/mustang-3.2.3/src/progress_align_3.cpp
Examining data/mustang-3.2.3/src/neighbour_joining.cpp
Examining data/mustang-3.2.3/src/distmat.h
Examining data/mustang-3.2.3/src/pdb_ripper_2.cpp
Examining data/mustang-3.2.3/src/superpose_2.h
Examining data/mustang-3.2.3/src/globals.h
Examining data/mustang-3.2.3/src/pdb_ripper.h
Examining data/mustang-3.2.3/src/main.cpp
Examining data/mustang-3.2.3/src/CmdLineParser_2.cpp
Examining data/mustang-3.2.3/src/output_algn.cpp
Examining data/mustang-3.2.3/src/multiple_superposition.cpp
Examining data/mustang-3.2.3/src/sse_RK.cpp
Examining data/mustang-3.2.3/src/merge_global_local_libs.cpp
Examining data/mustang-3.2.3/src/superpose_weightedRMS.cpp
Examining data/mustang-3.2.3/src/3D_manip_functions.h
Examining data/mustang-3.2.3/src/3D_manip_functions.cpp
Examining data/mustang-3.2.3/src/primary_lib_gen.cpp
Examining data/mustang-3.2.3/src/read_structures.cpp
Examining data/mustang-3.2.3/src/progress_align.h
Examining data/mustang-3.2.3/src/primary_lib_gen.h
Examining data/mustang-3.2.3/src/de_alloc_routines.h
Examining data/mustang-3.2.3/src/pairwise_global_structalgn.cpp
Examining data/mustang-3.2.3/src/CmdLineParser.h
Examining data/mustang-3.2.3/src/ew_2.cpp
Examining data/mustang-3.2.3/src/read_structures.h
Examining data/mustang-3.2.3/src/refine_pairalgn.h
Examining data/mustang-3.2.3/src/extended_lib_gen_3.cpp
Examining data/mustang-3.2.3/src/output_algn.h
Examining data/mustang-3.2.3/src/jacobi.h
Examining data/mustang-3.2.3/src/superpose_on_core_2.cpp

FINAL RESULTS:

data/mustang-3.2.3/src/3D_manip_functions.cpp:316:11: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int tmp = system(command);
data/mustang-3.2.3/src/CmdLineParser_2.cpp:148:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( option[indx] , argv[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:208:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( coption[i] , option[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:276:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( carg , args[indx][option_indx] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:293:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( args[indx][0] , argmt ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:304:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( cargs[i] , args[indx][i] );
data/mustang-3.2.3/src/CmdLineParser_2.cpp:318:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( args[indx][i] , cargs[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:321:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( args[indx][ nargs[indx] ] , argmt ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:471:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( STRUCT_PATH , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:484:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_names[i] , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:486:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buffer, STRUCT_PATH ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:487:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( buffer, struct_names[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:489:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_paths[i] , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:496:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buff , STRUCT_PATH );
data/mustang-3.2.3/src/CmdLineParser_2.cpp:497:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( buff , struct_names[ i ] );
data/mustang-3.2.3/src/CmdLineParser_2.cpp:529:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( cpybuffer , ptr ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:574:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( cpybuffer , ptr ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:603:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buffer, STRUCT_PATH ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:604:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( buffer, struct_names[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:606:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_paths[i] , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:614:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buffer, struct_names[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:616:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_paths[i], buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:662:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( STRUCT_PATH , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:679:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_names[i] , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:708:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( OUTPUT_FILENAME_PREFIX , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:842:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buffer, STRUCT_PATH ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:843:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( buffer, struct_names[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:845:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_paths[i] , buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:854:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( buffer, struct_names[i] ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:856:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_paths[i], buffer ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:892:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( struct_names[i] , buffer ) ;
data/mustang-3.2.3/src/output_algn.cpp:86:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmpstr , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/output_algn.cpp:109:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( pref_str , tmpstr ) ;
data/mustang-3.2.3/src/output_algn.cpp:142:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmpstr , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/output_algn.cpp:165:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( pref_str , tmpstr ) ;
data/mustang-3.2.3/src/output_algn.cpp:197:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmpstr , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/output_algn.cpp:220:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( pref_str , tmpstr ) ;
data/mustang-3.2.3/src/output_algn.cpp:358:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmpstr , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/output_algn.cpp:381:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( pref_str , tmpstr ) ;
data/mustang-3.2.3/src/output_algn.cpp:469:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmp_color , col_groups[k].color) ;
data/mustang-3.2.3/src/output_algn.cpp:545:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmp_color , col_groups[k].color) ;
data/mustang-3.2.3/src/output_algn.cpp:620:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( tmpstr_ps , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/output_algn.cpp:624:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( pref_str_ps , tmpstr_ps ) ;
data/mustang-3.2.3/src/output_algn.cpp:673:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "MUSTANG %s: A Multiple structural alignment algorithm",VERSION) ;
data/mustang-3.2.3/src/output_algn.cpp:697:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(strbuffer , asctime(localtime(&rundate)) ) ;
data/mustang-3.2.3/src/output_algn.cpp:708:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(strbuffer , tmpstr_ps ) ;
data/mustang-3.2.3/src/output_algn.cpp:737:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%s" , struct_names[i] ) ;
data/mustang-3.2.3/src/output_algn.cpp:767:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ; //previously was strcat
data/mustang-3.2.3/src/output_algn.cpp:773:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:779:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:785:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:791:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:797:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:810:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:816:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:822:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:828:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:834:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:840:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:862:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:868:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:874:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:880:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:886:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:892:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( strbuffer , strbuffer_temp ) ;
data/mustang-3.2.3/src/output_algn.cpp:921:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%-10s", struct_names[i] ) ;
data/mustang-3.2.3/src/output_algn.cpp:942:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%5s ", " " ) ;
data/mustang-3.2.3/src/output_algn.cpp:988:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%5s", " " ) ;
data/mustang-3.2.3/src/output_algn.cpp:995:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%16s", " " ) ;
data/mustang-3.2.3/src/output_algn.cpp:1008:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(strbuffer , "%s", "#================================EOF=================================" ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:120:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( prev_res_num , curr_res_num ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:176:4: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( tempstr , "%s" , temp_name ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:185:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( temp_num , tempstr) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:255:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( PROT[Sindx][index].res_num , temp_num ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:389:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp_atom_name, tempstr ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:398:3: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( tempstr , "%s" , temp_res_name ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:407:3: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf( tempstr , "%s" , temp_res_num ) ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:453:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pdb_trav -> atom_name , temp_atom_name );
data/mustang-3.2.3/src/pdb_ripper_2.cpp:454:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pdb_trav -> residue , temp_res_name );
data/mustang-3.2.3/src/pdb_ripper_2.cpp:455:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( pdb_trav -> residue_num , temp_res_num );
data/mustang-3.2.3/src/superpose_on_core_2.cpp:127:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( output_file_name , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:128:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp_name , output_file_name );
data/mustang-3.2.3/src/superpose_on_core_2.cpp:199:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( output_file_name , OUTPUT_FILENAME_PREFIX ) ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:200:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp_name , output_file_name );
data/mustang-3.2.3/src/3D_manip_functions.cpp:315:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[20] = "./super" ;
data/mustang-3.2.3/src/3D_manip_functions.cpp:341:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[100] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:336:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char opt[50] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:337:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char args[100] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:338:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:464:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:493:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[500] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:508:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1000] = "" ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:509:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cpybuffer[1000] = "" ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:600:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer [1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:611:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer [1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:838:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer [1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:850:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer [1000] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:877:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1000] = "" ;
data/mustang-3.2.3/src/ew_2.cpp:1044:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  derivation[i] = new char [ ( PROT_SIZES[b] + 1 ) ] ;
data/mustang-3.2.3/src/globals.cpp:51:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char OUTPUT_FILENAME_PREFIX[200] = "results";
data/mustang-3.2.3/src/globals.h:52:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char three_letter_code[4] ;
data/mustang-3.2.3/src/globals.h:58:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char res_num[10] ; //as it appears in PDB
data/mustang-3.2.3/src/globals.h:83:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char atom_name[6];
data/mustang-3.2.3/src/globals.h:84:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char residue[4] ;
data/mustang-3.2.3/src/globals.h:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char residue_num[6];
data/mustang-3.2.3/src/globals.h:163:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char cmdlineparam_o[500] ;
data/mustang-3.2.3/src/globals.h:181:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char OUTPUT_FILENAME_PREFIX[200];
data/mustang-3.2.3/src/output_algn.cpp:55:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char PSCOLORS[5][20] ={
data/mustang-3.2.3/src/output_algn.cpp:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:88:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpstr , ".pir") ;
data/mustang-3.2.3/src/output_algn.cpp:108:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pref_str[500]="" ;
data/mustang-3.2.3/src/output_algn.cpp:141:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:144:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpstr , ".afasta") ;
data/mustang-3.2.3/src/output_algn.cpp:164:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pref_str[500]="" ;
data/mustang-3.2.3/src/output_algn.cpp:196:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:199:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpstr , ".msf") ;
data/mustang-3.2.3/src/output_algn.cpp:219:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pref_str[500]="" ;
data/mustang-3.2.3/src/output_algn.cpp:279:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color[10] ;
data/mustang-3.2.3/src/output_algn.cpp:280:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char group_list[10] ;
data/mustang-3.2.3/src/output_algn.cpp:347:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:360:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpstr , ".html") ;
data/mustang-3.2.3/src/output_algn.cpp:380:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pref_str[500]="" ;
data/mustang-3.2.3/src/output_algn.cpp:427:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp_color[10] = "";
data/mustang-3.2.3/src/output_algn.cpp:453:28: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if( ALGN[i][j] == '-' ) strcpy(tmp_color , "Black") ;
data/mustang-3.2.3/src/output_algn.cpp:526:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[100] = "lower case with grey background" ;
data/mustang-3.2.3/src/output_algn.cpp:529:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tmp_color , "Blue") ;
data/mustang-3.2.3/src/output_algn.cpp:590:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color[10] ;
data/mustang-3.2.3/src/output_algn.cpp:591:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char group_list[10] ;
data/mustang-3.2.3/src/output_algn.cpp:609:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr_ps[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:622:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpstr_ps , ".ps" ) ;
data/mustang-3.2.3/src/output_algn.cpp:623:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pref_str_ps[500] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:648:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strbuffer[1000] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:649:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strbuffer_temp[1000] = "" ;
data/mustang-3.2.3/src/output_algn.cpp:660:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( strbuffer, "###################################################################" ) ;
data/mustang-3.2.3/src/output_algn.cpp:668:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "# Program: ") ;
data/mustang-3.2.3/src/output_algn.cpp:679:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "# Authors: ") ;
data/mustang-3.2.3/src/output_algn.cpp:685:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "A. S. Konagurthu, A. M. Lesk, J. C. Whisstock, and P. J. Stuckey") ;
data/mustang-3.2.3/src/output_algn.cpp:691:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "# Rundate: ") ;
data/mustang-3.2.3/src/output_algn.cpp:702:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "# Report_file: ") ;
data/mustang-3.2.3/src/output_algn.cpp:713:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( strbuffer, "###################################################################" ) ;
data/mustang-3.2.3/src/output_algn.cpp:716:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( strbuffer, "#====================================" ) ;
data/mustang-3.2.3/src/output_algn.cpp:720:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(strbuffer , "# Aligned_structures: " ) ;
data/mustang-3.2.3/src/output_algn.cpp:725:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%d" , NSTRUCTS ) ;
data/mustang-3.2.3/src/output_algn.cpp:732:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "# %3d:" , i+1 ) ;
data/mustang-3.2.3/src/output_algn.cpp:747:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "# Length: " ) ;
data/mustang-3.2.3/src/output_algn.cpp:752:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%10d" , ALGN_LEN ) ;
data/mustang-3.2.3/src/output_algn.cpp:761:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "# Identity: " ) ;
data/mustang-3.2.3/src/output_algn.cpp:766:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%8d", n_iden ) ;
data/mustang-3.2.3/src/output_algn.cpp:778:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%3d", ALGN_LEN ) ;
data/mustang-3.2.3/src/output_algn.cpp:784:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , " \\(") ;
data/mustang-3.2.3/src/output_algn.cpp:790:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%5.1f%%", (float)((float)(n_iden*100)/(float)(ALGN_LEN)) ) ;
data/mustang-3.2.3/src/output_algn.cpp:796:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "\\) \\(Percentage of conserved columns.\\)") ;
data/mustang-3.2.3/src/output_algn.cpp:804:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "# Similarity: " ) ;
data/mustang-3.2.3/src/output_algn.cpp:809:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%6d", n_iden+n_sim ) ;
data/mustang-3.2.3/src/output_algn.cpp:821:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%3d", ALGN_LEN ) ;
data/mustang-3.2.3/src/output_algn.cpp:827:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , " \\(") ;
data/mustang-3.2.3/src/output_algn.cpp:833:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%5.1f%%", (float)((float)((n_iden+n_sim)*100)/(float)(ALGN_LEN)) ) ;
data/mustang-3.2.3/src/output_algn.cpp:839:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "\\) \\(Percentage of conserved and semi-conserved columns.\\)");
data/mustang-3.2.3/src/output_algn.cpp:856:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "# Gaps: " ) ;
data/mustang-3.2.3/src/output_algn.cpp:861:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%12d", n_gaps ) ;
data/mustang-3.2.3/src/output_algn.cpp:873:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%3d", ALGN_LEN ) ;
data/mustang-3.2.3/src/output_algn.cpp:879:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , " \\(") ;
data/mustang-3.2.3/src/output_algn.cpp:885:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "%5.1f%%", (float)((float)((n_gaps)*100)/(float)(ALGN_LEN)) ) ;
data/mustang-3.2.3/src/output_algn.cpp:891:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( strbuffer_temp , "\\) \\(Percentage of columns with atleast one gap.\\)");
data/mustang-3.2.3/src/output_algn.cpp:898:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( strbuffer, "===================================================================" ) ;
data/mustang-3.2.3/src/output_algn.cpp:936:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%5d ", indx_cntr[i]+1 ) ;
data/mustang-3.2.3/src/output_algn.cpp:974:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%c", ALGN[i][j] ) ;
data/mustang-3.2.3/src/output_algn.cpp:981:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%5d", indx_cntr[i] ) ;
data/mustang-3.2.3/src/output_algn.cpp:1001:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(strbuffer , "%c", ALGN_markup[j] ) ;
data/mustang-3.2.3/src/pairwise_global_structalgn.cpp:121:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  derivation[i] = new char [ ( PROT_SIZES[b] + 1 ) ] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:54:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[90];
data/mustang-3.2.3/src/pdb_ripper_2.cpp:88:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[90];
data/mustang-3.2.3/src/pdb_ripper_2.cpp:96:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prev_res_num[8] = "" ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:97:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char curr_res_num[8] = "" ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:133:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[90] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:134:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempstr[20] = "" ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:135:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_name[4] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:136:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_num[10] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:307:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char strbuffer[90];
data/mustang-3.2.3/src/pdb_ripper_2.cpp:308:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempstr[20] = "" ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:309:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_atom_name[6] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:310:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_res_name[4] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:311:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_res_num[6] ;
data/mustang-3.2.3/src/pdb_ripper_2.cpp:316:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prev_res_name[6]="";
data/mustang-3.2.3/src/progress_align_3.cpp:146:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  derivation[i] = new char [ ( PROT_SIZES[b] + 1 ) ] ;
data/mustang-3.2.3/src/progress_align_3.cpp:657:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  derivation[i] = new char [ b + 1 ] ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:124:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_name[200] ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:126:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file_name[200] ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:129:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(temp_name , ".rms_rot" ) ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:195:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_name[200] ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:198:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file_name[200] ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:201:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(temp_name , ".pdb" ) ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:229:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp_num[6] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:176:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( arg == NULL || strlen(arg) < 2 )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:275:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *carg = new char [ strlen(args[indx][option_indx])+1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:292:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  args[indx][0] = new char [ strlen(argmt)+1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:300:66: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < nargs[indx] ; i++ ) cargs[i] = new char [ strlen(args[indx][i])+1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:313:72: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < nargs[indx] ; i++ ) args[indx][i] = new char [ strlen(cargs[i])+1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:320:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  args[indx][ nargs[indx] ] = new char [ strlen(argmt) + 1] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:469:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  STRUCT_PATH = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:483:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_names[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:488:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_paths[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:524:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( cpybuffer , "" ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:537:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( (signed)strlen(cpybuffer) > pathlen )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:538:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pathlen = strlen(cpybuffer) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:546:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( (signed)strlen(cpybuffer) > maxstrlen )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:547:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  maxstrlen = strlen(cpybuffer) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:569:3: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy( cpybuffer , "" ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:581:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  STRUCT_PATH = new char [ strlen(cpybuffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:582:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 1 ; i <= (signed)strlen(cpybuffer) ; i++ )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:584:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat( STRUCT_PATH, "/" ) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:588:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 1 ; i <= (signed)strlen(cpybuffer) ; i++ )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:605:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_paths[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:615:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_paths[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:661:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  STRUCT_PATH = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:678:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_names[i]= new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:723:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < (signed)strlen(buffer) ; i++ ) buffer[i] = tolower(buffer[i]) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:767:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < (signed)strlen(buffer) ; i++ ) buffer[i] = tolower(buffer[i]) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:788:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < (signed)strlen(buffer) ; i++ ) buffer[i] = tolower(buffer[i]) ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:844:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_paths[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:855:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  struct_paths[i] = new char [ strlen(buffer) +1 ] ;
data/mustang-3.2.3/src/CmdLineParser_2.cpp:878:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int j = strlen(struct_names[i])-1 , k = 0 ; j >= 0 ; j-- , k++ )
data/mustang-3.2.3/src/CmdLineParser_2.cpp:884:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int j = 0 , k = strlen(buffer)-1 ; j < k ; j++ , k-- )
data/mustang-3.2.3/src/output_algn.cpp:91:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(tmpstr) < 18 ) {
data/mustang-3.2.3/src/output_algn.cpp:96:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:105:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(55-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:147:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(tmpstr) < 18 ) {
data/mustang-3.2.3/src/output_algn.cpp:152:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:161:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(55-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:202:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(tmpstr) < 18 ) {
data/mustang-3.2.3/src/output_algn.cpp:207:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:216:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(55-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:229:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buff[ strlen(buff)-1 ] = '\0' ;
data/mustang-3.2.3/src/output_algn.cpp:363:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(tmpstr) < 18 ) {
data/mustang-3.2.3/src/output_algn.cpp:368:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:377:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(55-strlen(tmpstr))<< " " ;
data/mustang-3.2.3/src/output_algn.cpp:460:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int l = 0 ; l < (signed)strlen( col_groups[k].group_list) ; l++ )
data/mustang-3.2.3/src/output_algn.cpp:527:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int i = 0 ; i < (signed)strlen(buff) ; i++ )
data/mustang-3.2.3/src/output_algn.cpp:533:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int l = 0 ; l < (signed)strlen( col_groups[k].group_list) ; l++ )
data/mustang-3.2.3/src/output_algn.cpp:742:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(strbuffer , "#") ;
data/mustang-3.2.3/src/output_algn.cpp:772:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf( strbuffer_temp , "/") ;
data/mustang-3.2.3/src/output_algn.cpp:815:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf( strbuffer_temp , "/") ;
data/mustang-3.2.3/src/output_algn.cpp:867:2: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf( strbuffer_temp , "/") ;
data/mustang-3.2.3/src/output_algn.cpp:956:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int l = 0 ; l < (signed)strlen( col_groups[k].group_list) ; l++ )
data/mustang-3.2.3/src/superpose_on_core_2.cpp:136:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(temp_name))<< " " ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:204:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( strlen(temp_name) < 18 ) {
data/mustang-3.2.3/src/superpose_on_core_2.cpp:209:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(20-strlen(temp_name))<< " " ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:218:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  << setw(55-strlen(temp_name))<< " " ;
data/mustang-3.2.3/src/superpose_on_core_2.cpp:272:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int k = 0 , l = 0 ; k < (signed)strlen(pdb_trav->residue_num) ; k++ )
data/mustang-3.2.3/src/superpose_on_core_2.cpp:279:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( k == (signed)strlen(pdb_trav->residue_num) - 1 )
data/mustang-3.2.3/src/superpose_on_core_2.cpp:328:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for( int k = 0 , l = 0 ; k < (signed)strlen(pdb_trav->residue_num) ; k++ )
data/mustang-3.2.3/src/superpose_on_core_2.cpp:335:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if( k == (signed)strlen(pdb_trav->residue_num) - 1 )

ANALYSIS SUMMARY:

Hits = 252
Lines analyzed = 11768 in approximately 0.37 seconds (31605 lines/second)
Physical Source Lines of Code (SLOC) = 7868
Hits@level = [0] 11 [1] 59 [2] 109 [3] 0 [4] 84 [5] 0
Hits@level+ = [0+] 263 [1+] 252 [2+] 193 [3+] 84 [4+] 84 [5+] 0
Hits/KSLOC@level+ = [0+] 33.4265 [1+] 32.0285 [2+] 24.5297 [3+] 10.6762 [4+] 10.6762 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.