Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/sniffles-1.0.12b+ds/src/Alignment.cpp Examining data/sniffles-1.0.12b+ds/src/Alignment.h Examining data/sniffles-1.0.12b+ds/src/ArgParseOutput.h Examining data/sniffles-1.0.12b+ds/src/BamParser.cpp Examining data/sniffles-1.0.12b+ds/src/BamParser.h Examining data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp Examining data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.h Examining data/sniffles-1.0.12b+ds/src/Ignore_Regions.cpp Examining data/sniffles-1.0.12b+ds/src/Ignore_Regions.h Examining data/sniffles-1.0.12b+ds/src/Paramer.h Examining data/sniffles-1.0.12b+ds/src/Parser.h Examining data/sniffles-1.0.12b+ds/src/Sniffles.cpp Examining data/sniffles-1.0.12b+ds/src/Version.h Examining data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp Examining data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.h Examining data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp Examining data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.h Examining data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp Examining data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/IContainer.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/Main.cpp Examining data/sniffles-1.0.12b+ds/src/plane-sweep/MyHeap.cpp Examining data/sniffles-1.0.12b+ds/src/plane-sweep/MyHeap.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/MyList.cpp Examining data/sniffles-1.0.12b+ds/src/plane-sweep/MyList.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/Node.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/Plane-sweep.h Examining data/sniffles-1.0.12b+ds/src/plane-sweep/PlaneSweep.cpp Examining data/sniffles-1.0.12b+ds/src/plane-sweep/PlaneSweep_slim.cpp Examining data/sniffles-1.0.12b+ds/src/plane-sweep/PlaneSweep_slim.h Examining data/sniffles-1.0.12b+ds/src/print/BedpePrinter.cpp 
Examining data/sniffles-1.0.12b+ds/src/print/BedpePrinter.h Examining data/sniffles-1.0.12b+ds/src/print/IPrinter.cpp Examining data/sniffles-1.0.12b+ds/src/print/IPrinter.h Examining data/sniffles-1.0.12b+ds/src/print/NGMPrinter.cpp Examining data/sniffles-1.0.12b+ds/src/print/NGMPrinter.h Examining data/sniffles-1.0.12b+ds/src/print/VCFPrinter.cpp Examining data/sniffles-1.0.12b+ds/src/print/VCFPrinter.h Examining data/sniffles-1.0.12b+ds/src/realign/IAlignment.h Examining data/sniffles-1.0.12b+ds/src/realign/Realign.cpp Examining data/sniffles-1.0.12b+ds/src/realign/Realign.h Examining data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp Examining data/sniffles-1.0.12b+ds/src/realign/SWCPU.h Examining data/sniffles-1.0.12b+ds/src/sub/Breakpoint.cpp Examining data/sniffles-1.0.12b+ds/src/sub/Breakpoint.h Examining data/sniffles-1.0.12b+ds/src/sub/Container.h Examining data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp Examining data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.h Examining data/sniffles-1.0.12b+ds/src/sub/IRegion.h Examining data/sniffles-1.0.12b+ds/src/tree/BinTree.cpp Examining data/sniffles-1.0.12b+ds/src/tree/BinTree.h Examining data/sniffles-1.0.12b+ds/src/tree/Breakpoint_Tree.cpp Examining data/sniffles-1.0.12b+ds/src/tree/Breakpoint_Tree.h Examining data/sniffles-1.0.12b+ds/src/tree/IntervallContainer.h Examining data/sniffles-1.0.12b+ds/src/tree/IntervallList.cpp Examining data/sniffles-1.0.12b+ds/src/tree/IntervallList.h Examining data/sniffles-1.0.12b+ds/src/tree/IntervallTree.cpp Examining data/sniffles-1.0.12b+ds/src/tree/IntervallTree.h Examining data/sniffles-1.0.12b+ds/src/tree/Intervall_bed.h Examining data/sniffles-1.0.12b+ds/src/tree/Leaf.h Examining data/sniffles-1.0.12b+ds/src/tree/TNode.h Examining data/sniffles-1.0.12b+ds/src/tree/Intervall_bed.cpp FINAL RESULTS: data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:343:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. system(move.c_str()); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:382:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(del.c_str()); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:719:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(move.c_str()); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:858:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(del.c_str()); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:84:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(move.c_str()); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:154:2: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(del.c_str()); data/sniffles-1.0.12b+ds/src/Alignment.cpp:84:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int num = atoi(&cs[i]); //is 0 if letter! data/sniffles-1.0.12b+ds/src/Alignment.cpp:239:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((atoi(&md[i]) == 0 && md[i] != '0')) { //is not a number data/sniffles-1.0.12b+ds/src/Alignment.cpp:262:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos += atoi(&md[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:334:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(&md[i]) == 0 && md[i] != '0') { //is not a number! data/sniffles-1.0.12b+ds/src/Alignment.cpp:343:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos += atoi(&md[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:756:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.pos = (long) atoi(&sa[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:765:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.mq = atoi(&sa[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:768:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.nm = atoi(&sa[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:862:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.Length = atoi(&cigar[i]); data/sniffles-1.0.12b+ds/src/Alignment.cpp:863:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). } else if (tmp.Length != -1 && atoi(&cigar[i]) == 0 && cigar[i] != '0') { data/sniffles-1.0.12b+ds/src/Alignment.cpp:934:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (match && atoi(&md[i + j]) == 0 && md[i + j] != '0') { //is not a number: data/sniffles-1.0.12b+ds/src/Alignment.cpp:946:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). len += atoi(&md[i + j]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:116:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:131:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stop.pos = atoi(&buffer[i + 5]); //stores right most breakpoint data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:156:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:162:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
stop.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:192:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_vcf.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:194:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_bedpe.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:251:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_vcf.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:254:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_bedpe.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:257:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE*file = fopen(Parameter::Instance()->tmp_file.c_str(), "w"); // data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:482:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_strands.first = atoi(&buffer[pos]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:485:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_strands.second = atoi(&buffer[pos]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:501:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int support = atoi(buffer.substr(pos + 1).c_str()); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:543:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int support = atoi(tmp.substr(pos + 1).c_str()); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:568:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:589:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:603:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.pos2 = atoi(&buffer[i + 5]); //stores right most breakpoint data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:626:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:632:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tmp.pos2 = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:650:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_vcf.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:653:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_bedpe.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:656:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE*file = fopen(Parameter::Instance()->tmp_file.c_str(), "w"); // data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:728:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->output_vcf.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:730:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
myfile.open(Parameter::Instance()->output_bedpe.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:795:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->tmp_genotyp.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:808:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.chr_id = atoi(&buffer[0]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:811:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:814:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.length = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:817:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tmp.strand = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Genotyper/Genotyper.cpp:862:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * ref_allel_reads = fopen(Parameter::Instance()->tmp_genotyp.c_str(), "r"); data/sniffles-1.0.12b+ds/src/Ignore_Regions.cpp:49:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->ignore_regions_bed.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/Ignore_Regions.cpp:67:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p1 = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Ignore_Regions.cpp:70:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). p2 = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/Paramer.h:100:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tmp.start = atoi(&reg[i]); data/sniffles-1.0.12b+ds/src/Paramer.h:102:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop = atoi(&reg[i]); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:11:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * alt_allel_reads = fopen(Parameter::Instance()->tmp_phasing.c_str(), "r"); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:40:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:48:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE*file = fopen(tmp_name_file.c_str(), "w"); data/sniffles-1.0.12b+ds/src/cluster/Cluster_SVs.cpp:60:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int id = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:121:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ref_allel_reads = fopen(Parameter::Instance()->tmp_genotyp.c_str(), "w"); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:18:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos.pos = atoi(&buffer[i + 5]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:21:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos.pos = atoi(&buffer[i + 4]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:72:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entries.push_back(atoi(&buffer[i])); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:75:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
entries.push_back(atoi(&buffer[i + 1])); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:140:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:172:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.first += atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:176:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.second += atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:203:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.first += atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:207:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
res.second += atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:224:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support = atoi(&buffer[i + 6]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:227:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support += atoi(&buffer[i + 4]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:283:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:319:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:339:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tmp.num_reads.second = atoi(&buffer[i + 4]); data/sniffles-1.0.12b+ds/src/force_calling/VCF_parser.cpp:342:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.num_reads.second = atoi(&buffer[i + 4]); data/sniffles-1.0.12b+ds/src/print/IPrinter.cpp:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/sniffles-1.0.12b+ds/src/print/IPrinter.h:70:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(Parameter::Instance()->output_vcf.c_str(), "w"); data/sniffles-1.0.12b+ds/src/print/IPrinter.h:72:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(Parameter::Instance()->output_bedpe.c_str(), "w"); data/sniffles-1.0.12b+ds/src/print/IPrinter.h:93:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
tmp_file = fopen(Parameter::Instance()->tmp_phasing.c_str(), "wb"); data/sniffles-1.0.12b+ds/src/realign/Realign.cpp:12:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->ref_seq.c_str(), ifstream::in); data/sniffles-1.0.12b+ds/src/realign/Realign.cpp:47:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->ref_seq.c_str(), ifstream::in); data/sniffles-1.0.12b+ds/src/realign/Realign.cpp:76:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(Parameter::Instance()->ref_seq.c_str(), ifstream::in); data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:185:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. offset = sprintf(cigar, "%d%c", length, op); data/sniffles-1.0.12b+ds/src/realign/SWCPU.h:56:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char trans[256] = { 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:240:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ref_allel_reads = fopen(Parameter::Instance()->tmp_genotyp.c_str(), "w"); data/sniffles-1.0.12b+ds/src/Alignment.cpp:1365:64: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. cout << "INS:" << insert << " DEL: " << del << " MIS: " << mismatch << endl; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:57:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_str read; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:59:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = (long) entries[i].start.pos + ref_lens[entries[i].start.chr]; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:60:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = (long) entries[i].stop.pos + ref_lens[entries[i].stop.chr]; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:67:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.coordinates.second += (long) entries[i].sv_len; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:71:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV = assign_type(entries[i].type); data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:72:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand = entries[i].strands; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:73:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.type = 2; //called data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:74:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.length = entries[i].sv_len; //svs.stop.max_pos-svs.start.min_pos;//try data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:75:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). svs.support["input"] = read; data/sniffles-1.0.12b+ds/src/force_calling/Force_calling.cpp:77:68: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). Breakpoint * br = new Breakpoint(svs, (long) entries[i].sv_len, read.SV); data/sniffles-1.0.12b+ds/src/plane-sweep/IContainer.h:17:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void push(Alignment * read)=0; data/sniffles-1.0.12b+ds/src/plane-sweep/MyHeap.cpp:10:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void MyHeap::push(Alignment * read){ data/sniffles-1.0.12b+ds/src/plane-sweep/MyHeap.cpp:12:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
Node * tmp=new Node(read); data/sniffles-1.0.12b+ds/src/plane-sweep/MyHeap.h:25:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void push(Alignment * read); data/sniffles-1.0.12b+ds/src/plane-sweep/MyList.cpp:10:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void MyList::push(Alignment * read) { data/sniffles-1.0.12b+ds/src/plane-sweep/MyList.cpp:11:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). Node * new_node = new Node(read); data/sniffles-1.0.12b+ds/src/plane-sweep/MyList.h:34:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void push(Alignment * read); data/sniffles-1.0.12b+ds/src/plane-sweep/Node.h:33:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). Node(Alignment * read){ data/sniffles-1.0.12b+ds/src/plane-sweep/Plane-sweep.h:37:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void add_read(Alignment* read); data/sniffles-1.0.12b+ds/src/plane-sweep/PlaneSweep.cpp:21:38: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void PlaneSweep::add_read(Alignment* read) { data/sniffles-1.0.12b+ds/src/plane-sweep/PlaneSweep.cpp:34:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). current_reads->push(read); data/sniffles-1.0.12b+ds/src/print/IPrinter.cpp:220:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read && read_name[i] != '/') { data/sniffles-1.0.12b+ds/src/print/IPrinter.cpp:224:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read = !read; data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:75:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (; *read != line_end; ++read) { data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:75:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (; *read != line_end; ++read) { data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:76:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char read_char_cache = *read; data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:300:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char const * const read, int *& fwdResults, int *& alignments, data/sniffles-1.0.12b+ds/src/realign/SWCPU.cpp:508:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int read_length = strlen(qrySeq); data/sniffles-1.0.12b+ds/src/realign/SWCPU.h:109:62: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). Score SW_Score(char const * const scaff, char const * const read, int * result, int corr_length, MatrixElement * mat_pointer); data/sniffles-1.0.12b+ds/src/realign/SWCPU.h:111:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool Backtracking_CIGAR(char const * const scaff, char const * const read, data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:452:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_str read; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:454:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.type = 2; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:456:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.type = 0; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:458:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV = events[i].type; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:459:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.sequence = events[i].sequence; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:468:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = (tmp->getStrand()); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:469:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = !(tmp->getStrand()); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:471:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = !(tmp->getStrand()); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:472:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = (tmp->getStrand()); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:476:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.read_strand.first = tmp->getStrand(); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:477:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.read_strand.second = tmp->getStrand(); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:484:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:485:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:487:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:488:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:498:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pair<bool, bool> tmp = read.strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:499:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = tmp.second; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:500:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = tmp.first; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:505:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:506:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.coordinates.second = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:508:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:509:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:513:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). svs.support[tmp->getName()] = read; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:549:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read_str read; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:550:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.sequence = "NA"; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:552:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.type = type; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:553:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV = 0; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:554:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.read_strand.first = events[i - 1].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:555:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.read_strand.second = events[i].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:561:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = events[i - 1].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:562:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = !events[i].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:564:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = !events[i - 1].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:565:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = events[i].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:597:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.sequence = reverse_complement(tmp_seq.substr(svs.read_start, svs.read_stop - svs.read_start)); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:599:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.sequence = tmp->getAlignment()->QueryBases.substr(svs.read_start, svs.read_stop - svs.read_start); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:604:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cout << "Seq+:" << read.sequence << endl; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:607:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= INS; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:609:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.SV |= 'n'; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:614:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= DEL; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:619:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= 'n'; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:626:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= DUP; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:631:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV = 'n'; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:635:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = events[i - 1].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:636:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = !events[i].strand; //TODO think about this! potential not! data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:643:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= NEST; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:659:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= INV; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:671:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = events[i - 1].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:672:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.strand.second = !events[i].strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:692:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.SV |= TRA; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:695:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read.SV != 'n') { data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:697:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). std::cout << "SPLIT: " << TRANS_type(read.SV) << " start: " << svs.start.min_pos - get_ref_lengths(events[i].RefID, ref) << " stop: " << svs.stop.max_pos - get_ref_lengths(events[i].RefID, ref); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:721:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pair<bool, bool> tmp = read.strand; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:723:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.first = tmp.second; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:724:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.strand.second = tmp.first; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:729:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.first = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:730:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:732:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read.coordinates.first = svs.start.min_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:733:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.coordinates.second = svs.stop.max_pos; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:737:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.id = read_id; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:738:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). svs.support[tmp->getName()] = read; data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:739:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). svs.support[tmp->getName()].length = abs(read.coordinates.second - read.coordinates.first); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:739:71: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). svs.support[tmp->getName()].length = abs(read.coordinates.second - read.coordinates.first); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:740:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). Breakpoint * point = new Breakpoint(svs, abs(read.coordinates.second - read.coordinates.first)); data/sniffles-1.0.12b+ds/src/sub/Detect_Breakpoints.cpp:740:75: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
Breakpoint * point = new Breakpoint(svs, abs(read.coordinates.second - read.coordinates.first));

ANALYSIS SUMMARY:

Hits = 177
Lines analyzed = 10612 in approximately 0.32 seconds (33674 lines/second)
Physical Source Lines of Code (SLOC) = 8028
Hits@level = [0] 326 [1] 95 [2] 76 [3] 0 [4] 6 [5] 0
Hits@level+ = [0+] 503 [1+] 177 [2+] 82 [3+] 6 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 62.6557 [1+] 22.0478 [2+] 10.2143 [3+] 0.747384 [4+] 0.747384 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.