Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/pplacer-1.1~alpha19/cdd_src/caml_cdd.c
Examining data/pplacer-1.1~alpha19/cdd_src/cdd.h
Examining data/pplacer-1.1~alpha19/cdd_src/cddcore.c
Examining data/pplacer-1.1~alpha19/cdd_src/cddlib.c
Examining data/pplacer-1.1~alpha19/cdd_src/cddlp.c
Examining data/pplacer-1.1~alpha19/cdd_src/cddmp.c
Examining data/pplacer-1.1~alpha19/cdd_src/cddmp.h
Examining data/pplacer-1.1~alpha19/cdd_src/cddproj.c
Examining data/pplacer-1.1~alpha19/cdd_src/cddtypes.h
Examining data/pplacer-1.1~alpha19/cdd_src/pplacer_cdd.c
Examining data/pplacer-1.1~alpha19/cdd_src/setoper.c
Examining data/pplacer-1.1~alpha19/cdd_src/setoper.h
Examining data/pplacer-1.1~alpha19/cdd_src/cddio.c
Examining data/pplacer-1.1~alpha19/pam_src/caml_pam.c
Examining data/pplacer-1.1~alpha19/pam_src/pam.c
Examining data/pplacer-1.1~alpha19/pplacer_src/linear_c.c
Examining data/pplacer-1.1~alpha19/pplacer_src/unix_support.c

FINAL RESULTS:

data/pplacer-1.1~alpha19/cdd_src/cddio.c:35:8:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if(scanf("%s",inputfile));
data/pplacer-1.1~alpha19/cdd_src/cddio.c:45:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(inputfile,tempname);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:126:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  else strcpy(ifilehead,inputfile);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:128:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(outfile,ifilehead);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:129:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(outfile,extension);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:131:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(outfile,inputfile);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:132:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(outfile,extension);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:897:9:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if (fscanf(f,"%s",command)==EOF) {
data/pplacer-1.1~alpha19/cdd_src/cddio.c:917:6:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if(fscanf(f, "%ld %ld %s", &m_input, &d_input, numbtype));
data/pplacer-1.1~alpha19/cdd_src/cddio.c:945:7:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if (fscanf(f,"%s",command)==EOF) {
data/pplacer-1.1~alpha19/cdd_src/cddio.c:959:8:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if(fscanf(f,"%s", command));
data/pplacer-1.1~alpha19/cdd_src/cddio.c:2006:7:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  if(fscanf(f, "%s ", number_s));
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1859:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand(seed);
data/pplacer-1.1~alpha19/cdd_src/cddlp.c:1756:3:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  srand(seed);
data/pplacer-1.1~alpha19/cdd_src/caml_cdd.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(Data_bigarray_val(res_bigarr), res, sizeof *res * res_size);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:50:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  if ( ( *f = fopen(inputfile,"r") )!= NULL) {
data/pplacer-1.1~alpha19/cdd_src/cddio.c:127:29:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  if (strlen(inputfile)<=0) strcpy(ifilehead,"tempcdd");
data/pplacer-1.1~alpha19/cdd_src/cddio.c:159:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char newline[dd_linelenmax];
data/pplacer-1.1~alpha19/cdd_src/cddio.c:868:10:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  eqsize=atol(next);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:870:10:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  var=atol(next);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:887:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char command[dd_linelenmax], comsave[dd_linelenmax], numbtype[dd_wordlenmax];
data/pplacer-1.1~alpha19/cdd_src/cddio.c:1959:14:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  numerator=atol (numerator_s);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:1963:18:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  denominator=atol (denominator_s);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:2002:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char number_s [dd_wordlenmax];
data/pplacer-1.1~alpha19/cdd_src/cddlib.c:340:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  else if ( ( reading = fopen(ifile, "r") )!= NULL) {
data/pplacer-1.1~alpha19/cdd_src/cddlib.c:353:26:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  else if ( (writing = fopen(ofile, "w") ) != NULL){
data/pplacer-1.1~alpha19/cdd_src/cddtypes.h:47:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef char dd_DataFileType[dd_filenamelen];
data/pplacer-1.1~alpha19/cdd_src/cddtypes.h:48:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef char dd_LineType[dd_linelenmax];
data/pplacer-1.1~alpha19/cdd_src/cddtypes.h:49:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  typedef char dd_WordType[dd_wordlenmax];
data/pplacer-1.1~alpha19/pam_src/pam.c:509:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  keep = atoi(argv[2]);
data/pplacer-1.1~alpha19/pam_src/pam.c:511:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  f = fopen(argv[1], "r");
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1045:85:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  void dd_CheckEquality(dd_colrange d_size, dd_RayPtr*RP1, dd_RayPtr*RP2, dd_boolean *equal)
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1053:26:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  while (j <= d_size && *equal) {
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1058:8:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  if (*equal)
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1438:26:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  dd_boolean determined, equal;
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1452:10:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  return equal;
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1468:19:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  dd_boolean adj, equal, completed;
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1505:52:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  dd_CheckEquality(cone->d, &RayPtr1, &RayPtr2, &equal);
data/pplacer-1.1~alpha19/cdd_src/cddcore.c:1514:32:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  if (dd_Negative(value1) || equal) {
data/pplacer-1.1~alpha19/cdd_src/cddio.c:36:8:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ch=getchar();
data/pplacer-1.1~alpha19/cdd_src/cddio.c:44:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(tempname,inputfile,i);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:122:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=0; i< strlen(inputfile); i++){
data/pplacer-1.1~alpha19/cdd_src/cddio.c:125:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  if (dotpos>1) strncpy(ifilehead, inputfile, dotpos);
data/pplacer-1.1~alpha19/cdd_src/cddio.c:127:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(inputfile)<=0) strcpy(ifilehead,"tempcdd");

ANALYSIS SUMMARY:

Hits = 44
Lines analyzed = 11556 in approximately 0.41 seconds (28059 lines/second)
Physical Source Lines of Code (SLOC) = 9002
Hits@level = [0] 490 [1]  13 [2]  17 [3]   2 [4]  12 [5]   0
Hits@level+ = [0+] 534 [1+]  44 [2+]  31 [3+]  14 [4+]  12 [5+]   0
Hits/KSLOC@level+ = [0+] 59.3202 [1+] 4.8878 [2+] 3.44368 [3+] 1.55521 [4+] 1.33304 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
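Triage note on the report above. The twelve [4] hits describe two patterns in cddio.c: a whitespace-delimited token read into a fixed buffer with an unbounded %s (the destinations are the arrays the [2] char hits flag at cddio.c:887 and 2002, so fixing the reads is what removes that risk), and an output filename assembled from a head plus an extension with strcpy followed by strcat at cddio.c:128-132. The eight [1] equal hits, by contrast, are Flawfinder's C++ std::equal rule matching a C variable named equal (a dd_boolean, as the quoted lines show) and need no code change. The block below is an added example, not pplacer or cddlib code, showing the bounded forms the report's messages recommend: the %s width is generated from the buffer size at compile time so the two cannot drift apart, an overlong token is detected and drained rather than silently truncated, and the filename is built with a single snprintf whose return value is checked. WORD_WIDTH, PATH_BUF, the function names and the sample input are assumptions made for the example; they stand in for dd_wordlenmax and dd_filenamelen, which the report references but does not define.

```c
/* Added example (not pplacer/cddlib code): bounded replacements for the
 * unbounded scanf("%s"), strcpy and strcat patterns Flawfinder flags in
 * cddio.c.  WORD_WIDTH and PATH_BUF are assumed sizes standing in for the
 * library's dd_wordlenmax / dd_filenamelen, which the report does not show. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define WORD_WIDTH 31                 /* assumed: longest token accepted      */
#define WORD_MAX   (WORD_WIDTH + 1)   /* buffer size incl. terminating NUL    */
#define PATH_BUF   64                 /* assumed: stands in for dd_filenamelen */

/* Generate "%31s" from WORD_WIDTH so the width in the format string and the
 * buffer size can never drift apart (the defect behind the [4] scanf hits). */
#define STR_(x) #x
#define STR(x)  STR_(x)
#define WORD_FMT "%" STR(WORD_WIDTH) "s"

/* Read one whitespace-delimited token into out[WORD_MAX].
 * Returns  1: token read and it fit
 *          0: EOF / read error (out is unspecified)
 *         -1: token was longer than WORD_WIDTH; out holds its first
 *             WORD_WIDTH chars and the rest has been consumed, so the
 *             stream stays in sync for the next read instead of the tail
 *             being parsed as a second token. */
int read_word(FILE *f, char out[WORD_MAX]) {
    if (fscanf(f, WORD_FMT, out) != 1) return 0;
    int c = fgetc(f);                      /* what follows the token? */
    if (c == EOF) return 1;
    if (isspace(c)) { ungetc(c, f); return 1; }
    while (c != EOF && !isspace(c)) c = fgetc(f);   /* drain the overflow */
    if (c != EOF) ungetc(c, f);
    return -1;
}

/* Replacement for the strcpy(outfile, head); strcat(outfile, ext); pair at
 * cddio.c:128-132: one bounded write, with the return value checked so a
 * truncated name is reported rather than silently used.
 * Returns 1 if the full name fit, 0 if it was truncated (out is still
 * NUL-terminated in that case). */
int build_outfile(char out[PATH_BUF], const char *head, const char *ext) {
    int n = snprintf(out, PATH_BUF, "%s%s", head, ext);
    return n >= 0 && n < PATH_BUF;
}

/* Constructed sample input (not from any real cdd file), written to a
 * temporary stream so the example runs offline with standard C only. */
FILE *make_stream(const char *text) {
    FILE *f = tmpfile();
    if (f == NULL) return NULL;
    fputs(text, f);
    rewind(f);
    return f;
}

int main(void) {
    char w[WORD_MAX], out[PATH_BUF];
    FILE *f = make_stream("begin\n3 4 rational\n"
                          "averyveryverylongtokenthatexceedsthirtyonecharacters tail\n");
    if (f == NULL) return 1;
    for (int r; (r = read_word(f, w)) != 0; )
        printf("%2d %s\n", r, w);          /* 1 = fit, -1 = truncated */
    fclose(f);
    printf("%d %s\n", build_outfile(out, "tempcdd", ".ext"), out);
    return 0;
}
```

The caller decides what a -1 means; for a format like cdd's, where a token that does not fit is never valid input, rejecting the file is the right response, and read_word makes that decision explicit instead of leaving a truncated prefix in the buffer as "%31s" alone would.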
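The [2] atol and atoi hits (cddio.c:868, 870, 1959, 1963 and pam.c:509) share one remedy that the report states but does not show: convert with a function that can report failure, then check both ends of the expected range. atol() and atoi() return 0 for non-numeric input, which is indistinguishable from a genuine "0", and their behaviour on a value that does not fit is undefined by the C standard. The block below is an added example, not pplacer or cddlib code. parse_long_in, parse_rational and parse_keep are names introduced here, and the bounds they enforce (a positive denominator, a keep count in [1, INT_MAX]) are assumptions chosen for the demonstration, since the report does not show the real limits on these values.

```c
/* Added example (not pplacer/cddlib code): a range-checked replacement for
 * the atol()/atoi() calls Flawfinder flags at cddio.c:868/870/1959/1963 and
 * pam.c:509 (CWE-190).  The bounds used below are assumptions. */
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

enum parse_status {
    PARSE_OK = 0,
    PARSE_EMPTY,      /* no digits at all ("" or "   ")          */
    PARSE_TRAILING,   /* digits followed by junk ("12abc", "3/4") */
    PARSE_OVERFLOW,   /* does not fit in a long (strtol ERANGE)   */
    PARSE_RANGE       /* fits in a long but outside [lo, hi]      */
};

/* Parse s as a base-10 long that must lie in [lo, hi].  strtol reports both
 * "no conversion" and overflow, and the explicit bounds implement the
 * "check both minimum and maximum" advice in the report.  *out is written
 * only on PARSE_OK, so a failed parse can never leave a half-valid value. */
enum parse_status parse_long_in(const char *s, long lo, long hi, long *out) {
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (end == s) return PARSE_EMPTY;
    while (isspace((unsigned char)*end)) end++;   /* tolerate trailing blanks */
    if (*end != '\0') return PARSE_TRAILING;
    if (errno == ERANGE) return PARSE_OVERFLOW;
    if (v < lo || v > hi) return PARSE_RANGE;
    *out = v;
    return PARSE_OK;
}

/* Rational read as two tokens, as at cddio.c:1959 and 1963.  The denominator
 * is required to be a positive long (assumed bound), so "3/0" is rejected at
 * parse time rather than reaching a division. */
enum parse_status parse_rational(const char *num_s, const char *den_s,
                                 long *num, long *den) {
    enum parse_status st = parse_long_in(num_s, LONG_MIN, LONG_MAX, num);
    if (st != PARSE_OK) return st;
    return parse_long_in(den_s, 1, LONG_MAX, den);
}

/* Command-line count such as pam.c:509's keep = atoi(argv[2]).  The value
 * is stored in an int, so it is bounded to [1, INT_MAX] (assumed) before the
 * narrowing conversion instead of relying on atoi()'s undefined behaviour
 * for out-of-range input. */
enum parse_status parse_keep(const char *arg, int *keep) {
    long v;
    enum parse_status st = parse_long_in(arg, 1, INT_MAX, &v);
    if (st == PARSE_OK) *keep = (int)v;
    return st;
}

int main(void) {
    /* constructed inputs, not taken from any real cdd or pam file */
    const char *inputs[] = { "42", "  -7 ", "", "12abc", "3/4",
                             "99999999999999999999999", "101" };
    for (size_t i = 0; i < sizeof inputs / sizeof *inputs; i++) {
        long v = 0;
        enum parse_status st = parse_long_in(inputs[i], 0, 100, &v);
        printf("%-25s -> status %d value %ld\n", inputs[i], (int)st, v);
    }
    long n, d;
    printf("3/0 -> status %d\n", (int)parse_rational("3", "0", &n, &d));
    return 0;
}
```

The distinct status codes matter for a file reader: PARSE_TRAILING on "3/4" is the signal that the caller split a rational on the wrong delimiter, while PARSE_RANGE is the signal that the input is syntactically fine but semantically unacceptable, and a reader that logs which one it saw is far easier to debug than one that received 0 from atol() in both cases.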