Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/reapr-1.0.18+dfsg/src/bam2fragCov.cpp
Examining data/reapr-1.0.18+dfsg/src/bam2insert.cpp
Examining data/reapr-1.0.18+dfsg/src/coveragePlot.cpp
Examining data/reapr-1.0.18+dfsg/src/errorWindow.cpp
Examining data/reapr-1.0.18+dfsg/src/fa2gaps.cpp
Examining data/reapr-1.0.18+dfsg/src/fa2gc.cpp
Examining data/reapr-1.0.18+dfsg/src/fasta.cpp
Examining data/reapr-1.0.18+dfsg/src/histogram.cpp
Examining data/reapr-1.0.18+dfsg/src/make_plots.cpp
Examining data/reapr-1.0.18+dfsg/src/n50.cpp
Examining data/reapr-1.0.18+dfsg/src/scaff2contig.cpp
Examining data/reapr-1.0.18+dfsg/src/trianglePlot.cpp
Examining data/reapr-1.0.18+dfsg/src/utils.cpp
Examining data/reapr-1.0.18+dfsg/src/coveragePlot.h
Examining data/reapr-1.0.18+dfsg/src/errorWindow.h
Examining data/reapr-1.0.18+dfsg/src/fasta.h
Examining data/reapr-1.0.18+dfsg/src/histogram.h
Examining data/reapr-1.0.18+dfsg/src/trianglePlot.h
Examining data/reapr-1.0.18+dfsg/src/task_gapresize.cpp
Examining data/reapr-1.0.18+dfsg/src/bam2fcdEstimate.cpp
Examining data/reapr-1.0.18+dfsg/src/bam2perfect.cpp
Examining data/reapr-1.0.18+dfsg/src/task_break.cpp
Examining data/reapr-1.0.18+dfsg/src/task_score.cpp
Examining data/reapr-1.0.18+dfsg/src/task_stats.cpp
Examining data/reapr-1.0.18+dfsg/src/utils.h
Examining data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp

FINAL RESULTS:

data/reapr-1.0.18+dfsg/src/utils.cpp:64:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (system(NULL))
data/reapr-1.0.18+dfsg/src/utils.cpp:66:23: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int retcode = system(cmd.c_str());
data/reapr-1.0.18+dfsg/src/bam2fcdEstimate.cpp:178:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxSamples = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2fcdEstimate.cpp:182:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.sampleStep = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2fcdEstimate.cpp:200:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(argv[i+2]);
data/reapr-1.0.18+dfsg/src/bam2fragCov.cpp:159:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.sample = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2fragCov.cpp:176:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2fragCov.cpp:177:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(argv[i+2]);
data/reapr-1.0.18+dfsg/src/bam2insert.cpp:158:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.binWidth = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2insert.cpp:162:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2insert.cpp:166:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2insert.cpp:170:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.sample = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/bam2perfect.cpp:199:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(argv[i+2]);
data/reapr-1.0.18+dfsg/src/bam2perfect.cpp:200:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(argv[i+3]);
data/reapr-1.0.18+dfsg/src/bam2perfect.cpp:201:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxRepetitiveQuality = atoi(argv[i+4]);
data/reapr-1.0.18+dfsg/src/bam2perfect.cpp:202:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minPerfectQuality = atoi(argv[i+5]);
data/reapr-1.0.18+dfsg/src/bam2perfect.cpp:203:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.perfectAlignmentScore = atoi(argv[i+6]);
data/reapr-1.0.18+dfsg/src/fa2gc.cpp:171:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.windowWidth = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/n50.cpp:76:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minLength = atoi(argv[ops.infileStartIndex + 1]);
data/reapr-1.0.18+dfsg/src/scaff2contig.cpp:24:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long minLength = argc == 3 ? atoi(argv[2]) : 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:81:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long start = atoi(d[0].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:82:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long end = atoi(d[1].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:97:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long start = atoi(d[0].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:98:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long end = atoi(d[1].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:106:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long start = atoi(v[3].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:107:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long end = atoi(v[4].c_str()) - 1;
data/reapr-1.0.18+dfsg/src/task_break.cpp:161:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inStream.open(options.fastaIn.c_str());
data/reapr-1.0.18+dfsg/src/task_break.cpp:169:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outStreamFasta.open(fastaOut.c_str());
data/reapr-1.0.18+dfsg/src/task_break.cpp:177:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outStreamBin.open(binOut.c_str());
data/reapr-1.0.18+dfsg/src/task_break.cpp:392:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minScaffLength = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_break.cpp:396:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minMainScaffLength = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_break.cpp:400:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.breakContigsTrim = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:184:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ofs.open(outfile.c_str());
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:260:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.windowWidth = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:264:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.windowPercentCutoff = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:268:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.windowStep = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:272:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxWindows = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_fcdrate.cpp:373:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return (unsigned long)atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_gapresize.cpp:216:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minGapToResize = atoi(argv[i+1]);;
data/reapr-1.0.18+dfsg/src/task_gapresize.cpp:235:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.aveFragLength = atoi(argv[i+2]);
data/reapr-1.0.18+dfsg/src/task_gapresize.cpp:236:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxFragLength = atoi(argv[i+3]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:169:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  options.ofs_breaks.open(fout_breaks.c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:242:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p->second.clear(atoi(data[POS].c_str()));
data/reapr-1.0.18+dfsg/src/task_score.cpp:249:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(data[PERFECT_COV].c_str()) > 0)
data/reapr-1.0.18+dfsg/src/task_score.cpp:274:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p->second.add( atoi(data[POS].c_str()), atoi(data[READ_F].c_str()) + atoi(data[READ_R].c_str()) );
data/reapr-1.0.18+dfsg/src/task_score.cpp:274:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p->second.add( atoi(data[POS].c_str()), atoi(data[READ_F].c_str()) + atoi(data[READ_R].c_str()) );
data/reapr-1.0.18+dfsg/src/task_score.cpp:274:86: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p->second.add( atoi(data[POS].c_str()), atoi(data[READ_F].c_str()) + atoi(data[READ_R].c_str()) );
data/reapr-1.0.18+dfsg/src/task_score.cpp:278:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p->second.add(atoi(data[POS].c_str()), atof(data[p->first].c_str()) );
data/reapr-1.0.18+dfsg/src/task_score.cpp:302:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long depthFwd = atoi(data[READ_F].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:303:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned long depthRev = atoi(data[READ_R].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:312:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  err.start = err.end = atoi(data[POS].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:319:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  lastPos = atoi(data[POS].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:427:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:431:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:435:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  usePerfect = atoi(v[1].c_str()) == 1 ? 5 : 0;
data/reapr-1.0.18+dfsg/src/task_score.cpp:440:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.outerInsertSize = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_score.cpp:488:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.fragMin = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:492:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxGap = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:496:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.windowLength = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:505:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.usePerfect = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:514:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.usePerfect = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:528:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minReadCov = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_score.cpp:536:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.fcdWindow = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:163:26: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  options.plot_ofs.open(plots_outfile.c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:508:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.binWidth = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:510:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.aveFragmentLength = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:512:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:514:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:516:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxReadLength = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:539:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.rangeStart = atoi(locus.substr(pos_colon + 1, pos_dash - pos_colon).c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:540:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.rangeEnd = atoi(locus.substr(pos_dash + 1).c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:552:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.areaSkip = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:556:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.printPlotsSkip = atoi(argv[i+1]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:558:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.printPlotsStart = atoi(argv[i+3]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:559:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.printPlotsEnd = atoi(argv[i+4]);
data/reapr-1.0.18+dfsg/src/task_stats.cpp:641:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.minInsert = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:645:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.aveFragmentLength = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:649:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ops.maxInsert = atoi(v[1].c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:864:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  v_in.push_back(atoi(data[2].c_str()));
data/reapr-1.0.18+dfsg/src/task_stats.cpp:897:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned int gc = atoi(tmp[0].c_str());
data/reapr-1.0.18+dfsg/src/task_stats.cpp:927:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  v_in.push_back(atoi(tmp[2].c_str()));
data/reapr-1.0.18+dfsg/src/utils.cpp:44:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gaps[data[0]].push_back( make_pair(atoi(data[1].c_str()) - 1, atoi(data[2].c_str()) - 1) );
data/reapr-1.0.18+dfsg/src/utils.cpp:44:71: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gaps[data[0]].push_back( make_pair(atoi(data[1].c_str()) - 1, atoi(data[2].c_str()) - 1) );
data/reapr-1.0.18+dfsg/src/utils.cpp:104:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  seqs.push_back(make_pair(tmp[0], atoi(tmp[1].c_str())));

ANALYSIS SUMMARY:

Hits = 84
Lines analyzed = 6134 in approximately 0.15 seconds (40041 lines/second)
Physical Source Lines of Code (SLOC) = 4732
Hits@level = [0] 0 [1] 0 [2] 82 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 84 [1+] 84 [2+] 84 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 17.7515 [1+] 17.7515 [2+] 17.7515 [3+] 0.422654 [4+] 0.422654 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.