Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/soapsnp-1.03/call_genotype.cc
Examining data/soapsnp-1.03/chromosome.cc
Examining data/soapsnp-1.03/main.cc
Examining data/soapsnp-1.03/matrix.cc
Examining data/soapsnp-1.03/normal_dis.cc
Examining data/soapsnp-1.03/prior.cc
Examining data/soapsnp-1.03/rank_sum.cc
Examining data/soapsnp-1.03/soap_snp.h
FINAL RESULTS:
data/soapsnp-1.03/main.cc:53:11: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c=getopt(argc,argv,"i:d:o:z:g:p:r:e:ts:2a:b:j:k:unmqM:I:L:Q:S:F:E:T:h")) != -1) {
data/soapsnp-1.03/call_genotype.cc:36:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sites[i].base_info, sites[i+win_size].base_info, sizeof(small_int)*4*2*64*256); // 4 types of bases, 2 strands, max quality score is 64, and max read length 256
data/soapsnp-1.03/call_genotype.cc:37:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sites[i].count_uni, sites[i+win_size].count_uni, sizeof(int)*4);
data/soapsnp-1.03/call_genotype.cc:38:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sites[i].q_sum, sites[i+win_size].q_sum, sizeof(int)*4);
data/soapsnp-1.03/call_genotype.cc:39:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sites[i].count_all, sites[i+win_size].count_all, sizeof(int)*4);
data/soapsnp-1.03/call_genotype.cc:236:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(real_p_prior, &mat->p_prior[((ubit64_t)sites[j].ori&0x7)<<4], sizeof(double)*16);
data/soapsnp-1.03/chromosome.cc:20:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin_seq, other.bin_seq, sizeof(ubit64_t)*len/capacity);
data/soapsnp-1.03/chromosome.cc:24:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bin_seq, other.bin_seq, sizeof(ubit64_t)*len/capacity);
data/soapsnp-1.03/main.cc:59:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.soap_result.open(optarg);
data/soapsnp-1.03/main.cc:71:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.ref_seq.open(optarg);
data/soapsnp-1.03/main.cc:129:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.dbsnp.open(optarg);
data/soapsnp-1.03/main.cc:187:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.matrix_file.open(optarg, fstream::out);
data/soapsnp-1.03/main.cc:199:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.matrix_file.open(optarg, fstream::in);
data/soapsnp-1.03/main.cc:220:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
para->read_length = atoi(optarg);
data/soapsnp-1.03/main.cc:232:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
para->glf_format = atoi(optarg);
data/soapsnp-1.03/main.cc:241:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.region.open(optarg);
data/soapsnp-1.03/main.cc:258:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.consensus.open(consensus_name.c_str());
data/soapsnp-1.03/main.cc:268:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.consensus.open(consensus_name.c_str(), ios::binary);
data/soapsnp-1.03/main.cc:277:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.baseinfo.open(baseinfo_name.c_str());
data/soapsnp-1.03/main.cc:286:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.o_region.open(o_region_name.c_str());
data/soapsnp-1.03/main.cc:324:20: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files.soap_result.open(alignment_name.c_str());
data/soapsnp-1.03/soap_snp.h:21:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char abbv[17]={'A','M','W','R','M','C','Y','S','W','Y','T','K','R','S','K','G','N'};
data/soapsnp-1.03/soap_snp.h:163:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(freq, other.freq, sizeof(rate_t)*4);
data/soapsnp-1.03/soap_snp.h:177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->freq, other.freq, sizeof(rate_t)*4);
data/soapsnp-1.03/soap_snp.h:79:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::string read_id, read, qual, chr_name;
data/soapsnp-1.03/soap_snp.h:80:31: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
int hit, read_len, position, mismatch;
data/soapsnp-1.03/soap_snp.h:85:33: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
alignment>>soap.read_id>>soap.read>>soap.qual>>soap.hit>>soap.ab>>soap.read_len>>soap.strand>>soap.chr_name>>soap.position>>soap.mismatch;
data/soapsnp-1.03/soap_snp.h:85:132: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
alignment>>soap.read_id>>soap.read>>soap.qual>>soap.hit>>soap.ab>>soap.read_len>>soap.strand>>soap.chr_name>>soap.position>>soap.mismatch;
data/soapsnp-1.03/soap_snp.h:88:11: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if(soap.mismatch>200) {
data/soapsnp-1.03/soap_snp.h:96:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
soap.read = soap.read.substr(0,indel_pos)+temp+soap.read.substr(indel_pos,soap.read_len-indel_pos);
data/soapsnp-1.03/soap_snp.h:96:56: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
soap.read = soap.read.substr(0,indel_pos)+temp+soap.read.substr(indel_pos,soap.read_len-indel_pos);
data/soapsnp-1.03/soap_snp.h:100:17: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
else if (soap.mismatch>100) {
data/soapsnp-1.03/soap_snp.h:104:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
soap.read = soap.read.substr(0,indel_pos) + soap.read.substr(indel_pos+indel_len, soap.read_len-indel_pos-indel_len);
data/soapsnp-1.03/soap_snp.h:104:53: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
soap.read = soap.read.substr(0,indel_pos) + soap.read.substr(indel_pos+indel_len, soap.read_len-indel_pos-indel_len);
data/soapsnp-1.03/soap_snp.h:114:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
o<<soap.read_id<<'\t'<<soap.read<<'\t'<<soap.qual<<'\t'<<soap.hit<<'\t'<<soap.ab<<'\t'<<soap.read_len<<'\t'<<soap.strand<<'\t'<<soap.chr_name<<'\t'<<soap.position<<'\t'<<soap.mismatch;
data/soapsnp-1.03/soap_snp.h:114:178: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
o<<soap.read_id<<'\t'<<soap.read<<'\t'<<soap.qual<<'\t'<<soap.hit<<'\t'<<soap.ab<<'\t'<<soap.read_len<<'\t'<<soap.strand<<'\t'<<soap.chr_name<<'\t'<<soap.position<<'\t'<<soap.mismatch;
data/soapsnp-1.03/soap_snp.h:118:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read[coord];
data/soapsnp-1.03/soap_snp.h:142:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return (read[coord] == 'N');
ANALYSIS SUMMARY:
Hits = 38
Lines analyzed = 1929 in approximately 0.07 seconds (26721 lines/second)
Physical Source Lines of Code (SLOC) = 1684
Hits@level = [0] 0 [1] 14 [2] 23 [3] 1 [4] 0 [5] 0
Hits@level+ = [0+] 38 [1+] 38 [2+] 24 [3+] 1 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 22.5653 [1+] 22.5653 [2+] 14.2518 [3+] 0.593824 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.