Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-bioc-dada2-1.18.0+dfsg/inst/include/dada2.h
Examining data/r-bioc-dada2-1.18.0+dfsg/inst/include/dada2_RcppExports.h
Examining data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/dada.h
Examining data/r-bioc-dada2-1.18.0+dfsg/src/error.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/filter.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/kmers.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/pval.cpp
Examining data/r-bioc-dada2-1.18.0+dfsg/src/taxonomy.cpp
FINAL RESULTS:
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:106:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(seq, seqs[index].c_str());
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:384:20: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if(bi->center) { strcpy(bi->seq, bi->center->seq); }
data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp:26:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(raw->seq, seq);
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:103:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oseq, iseq);
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:121:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oseq, iseq);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seq[SEQLEN];
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seq[SEQLEN]; // representative sequence for the cluster
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:89:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char birth_type[2]; // encoding of how this Bi was created: "I": Initial cluster, "A": Abundance pval, "S": Singleton pval
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:152:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:152:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:152:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:153:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:153:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:153:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:154:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int gap_homo_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:154:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int gap_homo_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:154:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int gap_homo_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:182:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
double get_self(char *seq, double err[4][4]);
data/r-bioc-dada2-1.18.0+dfsg/src/error.cpp:18:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oseq[SEQLEN];
data/r-bioc-dada2-1.18.0+dfsg/src/error.cpp:267:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2] = {'\0','\0'};
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:76:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:76:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:220:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int homo_gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:220:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int homo_gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:220:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign_endsfree_homo(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int homo_gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:403:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:403:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:403:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **nwalign(const char *s1, size_t len1, const char *s2, size_t len2, int score[4][4], int gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:694:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->map, sub->map, len0 * sizeof(uint16_t));
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:695:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->pos, sub->pos, nsubs * sizeof(uint16_t));
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:696:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->nt0, sub->nt0, nsubs);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:697:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->nt1, sub->nt1, nsubs);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:703:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->q0, sub->q0, nsubs * sizeof(uint8_t)); // allocated double
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:704:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rsub->q1, sub->q1, nsubs * sizeof(uint8_t)); // allocated double
data/r-bioc-dada2-1.18.0+dfsg/src/taxonomy.cpp:175:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(karray, karray_rc, arraylen * sizeof(int));
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:12:180: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::List dada_uniques(std::vector< std::string > seqs, std::vector<int> abundances, std::vector<bool> priors, Rcpp::NumericMatrix err, Rcpp::NumericMatrix quals, int match, int mismatch, int gap, bool use_kmers, double kdist_cutoff, int band_size, double omegaA, double omegaP, double omegaC, bool detect_singletons, int max_clust, double min_fold, int min_hamming, int min_abund, bool use_quals, bool final_consensus, bool vectorized_alignment, int homo_gap, bool multithread, bool verbose, int SSE, bool gapless, bool greedy);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:23:48: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::traits::input_parameter< int >::type mismatch(mismatchSEXP);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:45:92: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
rcpp_result_gen = Rcpp::wrap(dada_uniques(seqs, abundances, priors, err, quals, match, mismatch, gap, use_kmers, kdist_cutoff, band_size, omegaA, omegaP, omegaC, detect_singletons, max_clust, min_fold, min_hamming, min_abund, use_quals, final_consensus, vectorized_alignment, homo_gap, multithread, verbose, SSE, gapless, greedy));
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:50:126: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
bool C_is_bimera(std::string sq, std::vector<std::string> pars, bool allow_one_off, int min_one_off_par_dist, int match, int mismatch, int gap_p, int max_shift);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:60:48: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::traits::input_parameter< int >::type mismatch(mismatchSEXP);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:63:100: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
rcpp_result_gen = Rcpp::wrap(C_is_bimera(sq, pars, allow_one_off, min_one_off_par_dist, match, mismatch, gap_p, max_shift));
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:68:182: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::DataFrame C_table_bimera2(Rcpp::IntegerMatrix mat, std::vector<std::string> seqs, double min_fold, int min_abund, bool allow_one_off, int min_one_off_par_dist, int match, int mismatch, int gap_p, int max_shift);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:80:48: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::traits::input_parameter< int >::type mismatch(mismatchSEXP);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:83:126: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
rcpp_result_gen = Rcpp::wrap(C_table_bimera2(mat, seqs, min_fold, min_abund, allow_one_off, min_one_off_par_dist, match, mismatch, gap_p, max_shift));
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:88:80: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::CharacterVector C_nwalign(std::string s1, std::string s2, int match, int mismatch, int gap_p, int homo_gap_p, int band, bool endsfree);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:96:48: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::traits::input_parameter< int >::type mismatch(mismatchSEXP);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:101:59: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
rcpp_result_gen = Rcpp::wrap(C_nwalign(s1, s2, match, mismatch, gap_p, homo_gap_p, band, endsfree));
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:221:112: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::CharacterVector C_nwvec(std::vector<std::string> s1, std::vector<std::string> s2, int16_t match, int16_t mismatch, int16_t gap_p, int band, bool endsfree);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:229:52: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::traits::input_parameter< int16_t >::type mismatch(mismatchSEXP);
data/r-bioc-dada2-1.18.0+dfsg/src/RcppExports.cpp:233:57: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
rcpp_result_gen = Rcpp::wrap(C_nwvec(s1, s2, match, mismatch, gap_p, band, endsfree));
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:18:28: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_pen, int homo_gap_pen, bool use_kmers, double kdist_cutoff, int band_size,
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:31:40: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap,
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:164:27: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
match, mismatch, gap, homo_gap, use_kmers, kdist_cutoff, band_size,
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:186:16: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, mismatch, gap, homo_gap;
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:194:36: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap, int homo_gap,
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:196:65: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
: b(b), subs(subs), birth_subs(birth_subs), match(match), mismatch(mismatch), gap(gap), homo_gap(homo_gap),
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:196:74: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
: b(b), subs(subs), birth_subs(birth_subs), match(match), mismatch(mismatch), gap(gap), homo_gap(homo_gap),
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:206:68: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
subs[raw->index] = sub_new(b->bi[i]->center, raw, match, mismatch, gap, homo_gap, false, 1.0, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:211:99: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
birth_subs[i] = sub_new(b->bi[b->bi[i]->birth_comp.i]->center, b->bi[i]->center, match, mismatch, gap, homo_gap, use_kmers, 1.0, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:218:70: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
FinalSubsParallel finalSubsParallel(bb, subs, birth_subs, match, mismatch, gap, homo_gap, band_size, use_kmers, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:225:67: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
subs[raw->index] = sub_new(bb->bi[i]->center, raw, match, mismatch, gap, homo_gap, false, 1.0, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:230:100: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
birth_subs[i] = sub_new(bb->bi[bb->bi[i]->birth_comp.i]->center, bb->bi[i]->center, match, mismatch, gap, homo_gap, use_kmers, 1.0, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:295:28: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_pen, int homo_gap_pen, bool use_kmers, double kdist_cutoff, int band_size,
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:306:62: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(multithread) { b_compare_parallel(bb, 0, errMat, match, mismatch, gap_pen, homo_gap_pen, use_kmers, 1.0, band_size, vectorized_alignment, SSE, gapless, greedy, verbose); }
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:307:42: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else { b_compare(bb, 0, errMat, match, mismatch, gap_pen, homo_gap_pen, use_kmers, 1.0, band_size, vectorized_alignment, SSE, gapless, greedy, verbose); }
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:315:67: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(multithread) { b_compare_parallel(bb, newi, errMat, match, mismatch, gap_pen, homo_gap_pen, use_kmers, kdist_cutoff, band_size, vectorized_alignment, SSE, gapless, greedy, verbose); }
data/r-bioc-dada2-1.18.0+dfsg/src/Rmain.cpp:316:47: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else { b_compare(bb, newi, errMat, match, mismatch, gap_pen, homo_gap_pen, use_kmers, kdist_cutoff, band_size, vectorized_alignment, SSE, gapless, greedy, verbose); }
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:18:126: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
bool C_is_bimera(std::string sq, std::vector<std::string> pars, bool allow_one_off, int min_one_off_par_dist, int match, int mismatch, int gap_p, int max_shift) {
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:26:117: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = nwalign_vectorized2(sq.c_str(), sq.length(), pars[i].c_str(), pars[i].length(), (int16_t) match, (int16_t) mismatch, (int16_t) gap_p, 0, max_shift); // Remember, alignments must be freed!
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:76:7: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int mismatch;
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:84:34: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_p, int max_shift)
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:86:95: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
allow_one_off(allow_one_off), min_one_off_par_dist(min_one_off_par_dist), match(match), mismatch(mismatch),
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:86:104: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
allow_one_off(allow_one_off), min_one_off_par_dist(min_one_off_par_dist), match(match), mismatch(mismatch),
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:122:137: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = nwalign_vectorized2(seqs[j].c_str(), seqs[j].length(), seqs[k].c_str(), seqs[k].length(), (int16_t) match, (int16_t) mismatch, (int16_t) gap_p, 0, max_shift); // Remember, alignments must be freed!
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:179:182: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::DataFrame C_table_bimera2(Rcpp::IntegerMatrix mat, std::vector<std::string> seqs, double min_fold, int min_abund, bool allow_one_off, int min_one_off_par_dist, int match, int mismatch, int gap_p, int max_shift) {
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:188:42: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
match, mismatch, gap_p, max_shift);
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:198:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len=strlen(seq2);
data/r-bioc-dada2-1.18.0+dfsg/src/chimera.cpp:229:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(al[0]);
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:14:31: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_pen, int homo_gap_pen,
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:61:51: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
sub = sub_new(b->bi[i]->center, raw, match, mismatch, gap_pen, homo_gap_pen, use_kmers, kdist_cutoff, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:102:14: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, mismatch, gap_pen, homo_gap_pen;
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:112:34: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_pen, int homo_gap_pen,
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:116:21: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
match(match), mismatch(mismatch), gap_pen(gap_pen), homo_gap_pen(homo_gap_pen),
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:116:30: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
match(match), mismatch(mismatch), gap_pen(gap_pen), homo_gap_pen(homo_gap_pen),
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:132:53: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
sub = sub_new(b->bi[i]->center, raw, match, mismatch, gap_pen, homo_gap_pen, use_kmers, kdist_cutoff, band_size, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:153:40: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, int mismatch, int gap_pen, int homo_gap_pen,
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:175:70: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
CompareParallel compareParallel(b, i, err_mat, ncol, comps, match, mismatch, gap_pen, homo_gap_pen, use_kmers, kdist_cutoff, band_size, vectorized_alignment, SSE, gapless, greedy);
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:319:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(b->bi[i]->birth_type, "A");
data/r-bioc-dada2-1.18.0+dfsg/src/cluster.cpp:335:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(b->bi[i]->birth_type, "P");
data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp:23:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
raw->seq = (char *) malloc(strlen(seq)+1); //E
data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp:27:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
raw->length = strlen(seq);
data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp:61:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(bi->seq, "");
data/r-bioc-dada2-1.18.0+dfsg/src/containers.cpp:122:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(b->bi[0]->birth_type, "I");
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:133:81: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
void b_compare(B *b, unsigned int i, Rcpp::NumericMatrix errMat, int match, int mismatch, int gap_pen, int homo_gap_pen, bool use_kmers, double kdist_cutoff, int band_size, bool vectorized_alignment, int SSE, bool gapless, bool greedy, bool verbose);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:134:90: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
void b_compare_parallel(B *b, unsigned int i, Rcpp::NumericMatrix errMat, int match, int mismatch, int gap_pen, int homo_gap_pen, bool use_kmers, double kdist_cutoff, int band_size, bool vectorized_alignment, int SSE, bool gapless, bool greedy, bool verbose);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:155:109: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char **nwalign_vectorized2(const char *s1, size_t len1, const char *s2, size_t len2, int16_t match, int16_t mismatch, int16_t gap_p, int16_t end_gap_p, int band);
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:157:55: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char **raw_align(Raw *raw1, Raw *raw2, int match, int mismatch, int gap_p, int homo_gap_p, bool use_kmers,
data/r-bioc-dada2-1.18.0+dfsg/src/dada.h:159:51: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Sub *sub_new(Raw *raw0, Raw *raw1, int match, int mismatch, int gap_p, int homo_gap_p, bool use_kmers, double kdist_cutoff,
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:18:80: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::CharacterVector C_nwalign(std::string s1, std::string s2, int match, int mismatch, int gap_p, int homo_gap_p, int band, bool endsfree) {
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:32:30: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else { c_score[i][j] = mismatch; }
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:74:14: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int match, mismatch, indel, start, end;
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:111:90: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::IntegerVector rval = Rcpp::IntegerVector::create(_["match"]=match, _["mismatch"]=mismatch, _["indel"]=indel);
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:185:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int i, pos, strlen;
data/r-bioc-dada2-1.18.0+dfsg/src/evaluate.cpp:194:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(pos=0; pos<strlen; pos++) {
data/r-bioc-dada2-1.18.0+dfsg/src/kmers.cpp:144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(seq);
data/r-bioc-dada2-1.18.0+dfsg/src/kmers.cpp:193:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(seq);
data/r-bioc-dada2-1.18.0+dfsg/src/kmers.cpp:232:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(seq);
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:24:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(int i=0;i<strlen(al0);i++) {
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:39:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(iseq);
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:72:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(iseq);
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:109:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *oseq = (char *) malloc(strlen(iseq)+1); //E
data/r-bioc-dada2-1.18.0+dfsg/src/misc.cpp:118:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *oseq = (char *) malloc(strlen(iseq)+1); //E
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:10:55: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char **raw_align(Raw *raw1, Raw *raw2, int match, int mismatch, int gap_p, int homo_gap_p, bool use_kmers, double kdist_cutoff, int band, bool vectorized_alignment, int SSE, bool gapless) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:47:36: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
score[i][j] = i==j ? match : mismatch;
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:58:107: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = nwalign_vectorized2(raw1->seq, raw1->length, raw2->seq, raw2->length, (int16_t) match, (int16_t) mismatch, (int16_t) gap_p, 0, band);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:587:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
align_length = strlen(al[0]);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:642:51: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Sub *sub_new(Raw *raw0, Raw *raw1, int match, int mismatch, int gap_p, int homo_gap_p, bool use_kmers, double kdist_cutoff, int band, bool vectorized_alignment, int SSE, bool gapless) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_endsfree.cpp:647:37: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = raw_align(raw0, raw1, match, mismatch, gap_p, homo_gap_p, use_kmers, kdist_cutoff, band, vectorized_alignment, SSE, gapless);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:71:109: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
char **nwalign_vectorized2(const char *s1, size_t len1, const char *s2, size_t len2, int16_t match, int16_t mismatch, int16_t gap_p, int16_t end_gap_p, int band) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:107:42: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int16_t fill_val = INT16_MIN - MIN(MIN(mismatch, gap_p), MIN(match, 0));
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:166:73: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
diag_buf[col] = d[(row-2)*ncol + col] + (s1[i] == s2[j] ? match : mismatch);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:322:112: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Rcpp::CharacterVector C_nwvec(std::vector<std::string> s1, std::vector<std::string> s2, int16_t match, int16_t mismatch, int16_t gap_p, int band, bool endsfree) {
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:332:101: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = nwalign_vectorized2(s1[i].c_str(), s1[i].length(), s2[i].c_str(), s2[i].length(), match, mismatch, gap_p, 0, (size_t) band);
data/r-bioc-dada2-1.18.0+dfsg/src/nwalign_vectorized.cpp:334:101: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
al = nwalign_vectorized2(s1[i].c_str(), s1[i].length(), s2[i].c_str(), s2[i].length(), match, mismatch, gap_p, gap_p, (size_t) band);
data/r-bioc-dada2-1.18.0+dfsg/src/taxonomy.cpp:37:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(seq);
data/r-bioc-dada2-1.18.0+dfsg/src/taxonomy.cpp:58:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(seq);
ANALYSIS SUMMARY:
Hits = 127
Lines analyzed = 4552 in approximately 0.16 seconds (28351 lines/second)
Physical Source Lines of Code (SLOC) = 3387
Hits@level = [0] 0 [1] 91 [2] 31 [3] 0 [4] 5 [5] 0
Hits@level+ = [0+] 127 [1+] 127 [2+] 36 [3+] 5 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 37.4963 [1+] 37.4963 [2+] 10.6289 [3+] 1.47623 [4+] 1.47623 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.