Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/survivor-1.0.7/src/CorrectAllele.cpp Examining data/survivor-1.0.7/src/CorrectAllele.h Examining data/survivor-1.0.7/src/DetectDif.cpp Examining data/survivor-1.0.7/src/DetectDif.h Examining data/survivor-1.0.7/src/Extract_Seq.cpp Examining data/survivor-1.0.7/src/Extract_Seq.h Examining data/survivor-1.0.7/src/GzipStream.h Examining data/survivor-1.0.7/src/SURVIVOR.cpp Examining data/survivor-1.0.7/src/Summarize_SV.cpp Examining data/survivor-1.0.7/src/Summarize_SV.h Examining data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp Examining data/survivor-1.0.7/src/analysis_sv/GIAB_summary.h Examining data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp Examining data/survivor-1.0.7/src/analysis_sv/MT_identifier.h Examining data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp Examining data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.h Examining data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp Examining data/survivor-1.0.7/src/analysis_sv/Select_samples.h Examining data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp Examining data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.h Examining data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp Examining data/survivor-1.0.7/src/analysis_sv/Summ_mat.h Examining data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp Examining data/survivor-1.0.7/src/convert/ConvertMQ0Bed.h Examining data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp Examining data/survivor-1.0.7/src/convert/Convert_Assemblytics.h Examining data/survivor-1.0.7/src/convert/Convert_Bionano.cpp Examining data/survivor-1.0.7/src/convert/Convert_Bionano.h Examining data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp Examining data/survivor-1.0.7/src/convert/Convert_Honey_tails.h Examining data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp Examining data/survivor-1.0.7/src/convert/Convert_MUMmer.h Examining data/survivor-1.0.7/src/convert/Convert_Pindel.cpp Examining data/survivor-1.0.7/src/convert/Convert_Pindel.h Examining data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp Examining data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.h Examining data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp Examining data/survivor-1.0.7/src/convert/Convert_hapcut2.h Examining data/survivor-1.0.7/src/convert/Process_Coverage.cpp Examining data/survivor-1.0.7/src/convert/Process_Coverage.h Examining data/survivor-1.0.7/src/convert/Process_Lumpy.cpp Examining data/survivor-1.0.7/src/convert/Process_Lumpy.h Examining data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp Examining data/survivor-1.0.7/src/convert/Update_bam_pacbio.h Examining data/survivor-1.0.7/src/merge_vcf/IntervallTree.cpp Examining data/survivor-1.0.7/src/merge_vcf/IntervallTree.h Examining data/survivor-1.0.7/src/merge_vcf/Paramer.h Examining data/survivor-1.0.7/src/merge_vcf/TNode.h Examining data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp Examining data/survivor-1.0.7/src/merge_vcf/combine_svs.h Examining data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp Examining data/survivor-1.0.7/src/phasing/Phasing_vcf.h Examining data/survivor-1.0.7/src/scrup_vcf/scrup_svs.cpp Examining data/survivor-1.0.7/src/scrup_vcf/scrup_vcf.h Examining data/survivor-1.0.7/src/simulator/Error_scanner.cpp Examining data/survivor-1.0.7/src/simulator/Error_scanner.h Examining data/survivor-1.0.7/src/simulator/Eval_vcf.cpp Examining data/survivor-1.0.7/src/simulator/Eval_vcf.h Examining data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp Examining data/survivor-1.0.7/src/simulator/Pac_Simulator.h Examining data/survivor-1.0.7/src/simulator/SV_Simulator.cpp Examining data/survivor-1.0.7/src/simulator/SV_Simulator.h Examining data/survivor-1.0.7/src/simulator/Sim_reads.cpp Examining data/survivor-1.0.7/src/simulator/Sim_reads.h Examining data/survivor-1.0.7/src/simulator/test_cov.cpp Examining data/survivor-1.0.7/src/simulator/test_cov.h Examining data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp Examining data/survivor-1.0.7/src/snp_overlap/Overlap_snps.h Examining data/survivor-1.0.7/src/structs.h Examining data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp Examining data/survivor-1.0.7/src/vcfs/Annotate_vcf.h Examining data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp Examining data/survivor-1.0.7/src/vcfs/Combine_3_VCF.h Examining data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp Examining data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.h Examining data/survivor-1.0.7/src/vcfs/Detect_nested.cpp Examining data/survivor-1.0.7/src/vcfs/Detect_nested.h Examining data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp Examining data/survivor-1.0.7/src/vcfs/Filter_vcf.h Examining data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp Examining data/survivor-1.0.7/src/vcfs/Generate_distMat.h Examining data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp Examining data/survivor-1.0.7/src/vcfs/Merge_VCF.h FINAL RESULTS: data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:192:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:498:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:599:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:948:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:203:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/simulator/test_cov.cpp:35:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:745:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/survivor-1.0.7/src/CorrectAllele.cpp:26:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(table.c_str(), std::ifstream::in); data/survivor-1.0.7/src/CorrectAllele.cpp:85:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/CorrectAllele.cpp:88:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/DetectDif.cpp:26:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stop = atoi(&buffer[i + 2]); data/survivor-1.0.7/src/DetectDif.cpp:37:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/DetectDif.cpp:57:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). svs.start = atoi(&buffer[i]); data/survivor-1.0.7/src/Extract_Seq.cpp:16:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(reference_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/Extract_Seq.cpp:247:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputfile.c_str(), "w"); data/survivor-1.0.7/src/SURVIVOR.cpp:59:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bool coordinates = bool(atoi(argv[5]) == 0); data/survivor-1.0.7/src/SURVIVOR.cpp:81:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). generate_error_profile(atoi(argv[2]), false, std::string(argv[3])); data/survivor-1.0.7/src/SURVIVOR.cpp:93:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). simulate_reads(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:105:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). eval_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:125:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:125:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:125:90: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:125:105: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:125:120: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:140:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8])); data/survivor-1.0.7/src/SURVIVOR.cpp:140:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8])); data/survivor-1.0.7/src/SURVIVOR.cpp:140:105: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8])); data/survivor-1.0.7/src/SURVIVOR.cpp:153:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:153:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:175:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:175:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:184:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:184:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:184:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:186:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:186:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:197:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlapp_mummer(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:232:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). process_Assemblytics(std::string(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:242:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_venn(std::string(argv[2]), bool(atoi(argv[3])==1), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:325:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). switch (atoi(argv[1])) { data/survivor-1.0.7/src/SURVIVOR.cpp:328:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bool coordinates = bool(atoi(argv[5]) == 0); data/survivor-1.0.7/src/SURVIVOR.cpp:349:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bool error_mat = bool(atoi(argv[4]) == 1); data/survivor-1.0.7/src/SURVIVOR.cpp:350:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). generate_error_profile(atoi(argv[3]), error_mat, std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:360:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). simulate_reads(std::string(argv[3]), std::string(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:382:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). eval_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:90: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:105: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:402:120: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9])); data/survivor-1.0.7/src/SURVIVOR.cpp:416:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). generate_gene_list(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:439:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:439:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:461:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). process_Honey(std::string(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:471:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). process_Assemblytics(std::string(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:481:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:481:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:490:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:490:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:490:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:493:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:493:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:513:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). eval_paper(std::string(argv[2]), std::string(argv[3]), atoi(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:540:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:540:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:576:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summarize_badcoverage(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:576:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summarize_badcoverage(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:586:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summarize_VCF_files(std::string(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:634:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). summarize_svs_table_window_stream(atoi(argv[2]), std::string(argv[3])); data/survivor-1.0.7/src/SURVIVOR.cpp:654:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7])); data/survivor-1.0.7/src/SURVIVOR.cpp:654:83: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7])); data/survivor-1.0.7/src/SURVIVOR.cpp:654:98: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7])); data/survivor-1.0.7/src/SURVIVOR.cpp:667:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlap_snps_gwas(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:667:82: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlap_snps_gwas(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:678:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). convert_mummer_svs(std::string(argv[2]), atoi(argv[3]), std::string(argv[4])); data/survivor-1.0.7/src/SURVIVOR.cpp:688:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:688:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:688:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:688:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:688:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6])); data/survivor-1.0.7/src/SURVIVOR.cpp:700:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). simplify_svs(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:710:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). overlapp_mummer(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/SURVIVOR.cpp:720:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). generate_random_regions(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5])); data/survivor-1.0.7/src/Summarize_SV.cpp:135:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:144:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:209:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:291:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). supp = atoi(&line[i + 5]); data/survivor-1.0.7/src/Summarize_SV.cpp:372:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * file = fopen(out.c_str(), "a"); data/survivor-1.0.7/src/Summarize_SV.cpp:401:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:411:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:476:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/Summarize_SV.cpp:541:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/Summarize_SV.cpp:600:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:190:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), ifstream::in); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:197:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:267:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), ifstream::in); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:289:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.support[0] += atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:292:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.support[1] += atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:295:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.support[2] += atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:298:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.support[3] += atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:300:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.support[4] += atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:332:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:418:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp:46:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp:57:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.MQ = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:16:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:46:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:67:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:70:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stop = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:74:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). len = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:133:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_SVs_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:141:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp:30:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp:125:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:59:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sv.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:68:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sv.stop.pos = atoi(&buffer[i + 4]); data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:150:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(pop_file.c_str(), ifstream::in); data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:197:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), ifstream::in); data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:209:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:79:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(venn_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:89:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:111:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:168:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:193:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:15:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(cov_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:36:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). current = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:39:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cov = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:59:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(assemblytics.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:78:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:81:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:93:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dist= abs(atoi(&buffer[i])); data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:142:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:63:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(bionano.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:88:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). query_start = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:91:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). query_stop = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:94:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:97:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:133:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(bionano.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:172:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:175:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:178:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.sv_len = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:199:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:211:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:32:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(assemblytics.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:55:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:58:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:67:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dist= abs(atoi(&buffer[i])); data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:117:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:45:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(mummer.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:56:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:73:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:76:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stop = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:79:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). len = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:79:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(pindel_vcf.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:100:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.start.pos=atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:103:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.stop.pos=atoi(&buffer[i+4]); data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:112:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support=atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:58:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:90:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:172:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:192:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:233:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:357:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(bedfile.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:363:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:377:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.start.pos = atoi(&buffer[i])-1; data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:380:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.stop.pos = atoi(&buffer[i])-1; data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:406:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:459:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcffile.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:465:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:478:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(&buffer[i + 1]); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:503:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:523:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:16:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(hapcut2.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:42:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:82:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(orig_snp.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:87:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:115:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Coverage.cpp:14:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Process_Coverage.cpp:21:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Process_Coverage.cpp:55:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Coverage.cpp:58:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cov = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:32:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support += atoi(&line[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:51:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:58:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:184:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(lumpy_bede.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:190:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * file = fopen(output.c_str(), "a"); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:205:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:212:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). region.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:249:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:289:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "a"); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:368:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out_vcf.c_str(), "w"); data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:373:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(in_vcf.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:30:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(unmapped_sam.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:62:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(mapped_sam.c_str(), std::ifstream::in); data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:69:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(output_sam.c_str(), "w"); data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:590:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:611:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chrs[name] = atoi(&buffer[i + 1]); data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:667:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:751:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:14:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(hapcut_output.c_str(), std::ifstream::in); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:46:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.position = atoi(&buffer[i]); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:74:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(parents_vcf.c_str(), std::ifstream::in); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:91:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:143:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(gatk_output.c_str(), std::ifstream::in); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:160:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:237:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(snp_output.c_str(), std::ifstream::in); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:255:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:285:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(parents_vcf.c_str(), std::ifstream::in); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:302:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:362:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:120:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((atoi(&md[i]) == 0 && md[i] != '0') && md[i] != '^') { //is not a number data/survivor-1.0.7/src/simulator/Error_scanner.cpp:157:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos += atoi(&md[i]); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:238:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((atoi(&md[i]) == 0 && md[i] != '0')) { //is not a number data/survivor-1.0.7/src/simulator/Error_scanner.cpp:260:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos += atoi(&md[i]); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:295:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((atoi(&buffer[i]) == 0 && buffer[i] != '0')) { //not a number: data/survivor-1.0.7/src/simulator/Error_scanner.cpp:301:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.Length = atoi(&buffer[i]); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:436:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:459:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:40:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:56:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:62:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:110:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gq = atoi(&entry[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:113:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dr = atoi(&entry[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:116:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dv = atoi(&entry[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:119:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rr = atoi(&entry[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:122:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rv = atoi(&entry[i]); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:205:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). right = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:209:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). addition = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:170:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(genome.c_str(), std::ifstream::in); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:182:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:186:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:190:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sam = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:29:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atoi(&buffer[i]); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:50:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:123:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(ref_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:675:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:713:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:722:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:834:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:974:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:1008:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file2 = fopen(parameter_file.c_str(), "w"); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:14:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(genome_file.c_str(), ifstream::in); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:159:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(error_profile_file.c_str(), ifstream::in); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:225:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:20:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). len = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:53:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:126:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:131:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(snp_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:162:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:173:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pop = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:283:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int pos = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:289:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:311:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:326:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(svs_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:342:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:345:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:348:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.type = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:413:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:619:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(snp_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:625:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:652:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pop = atoi(&buffer[i]); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:703:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(genome_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:747:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:23:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(gtf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:46:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.region.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:50:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.region.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:76:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(gtf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:93:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.region.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:97:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.region.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:171:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputfile.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:254:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(LTR_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:289:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:292:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:296:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(&buffer[i]) == 1) { data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:342:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:382:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:425:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:457:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:552:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:569:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). svs.start = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:575:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). svs.stop = atoi(&buffer[i + 5]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:596:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(annotation.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:616:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:620:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stop = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:656:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:103:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). final = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:139:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). final = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:143:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unique = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:38:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:99:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). combined = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:103:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unique_delly = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:107:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). unique_lumpy = fopen(out.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Detect_nested.cpp:14:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Detect_nested.cpp:46:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:22:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gq = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:25:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dr = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:28:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dv = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:31:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rr = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:34:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rv = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:37:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lumpy = atoi(&entry[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:86:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:101:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:104:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.stop.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:134:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:140:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputvcf.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:181:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(vcf_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:187:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputvcf.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:204:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). len = atoi(&buffer[i + 6]); data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:243:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(venn_file.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:19:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:74:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:147:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * file = fopen(output.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:17:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:42:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos.pos = atoi(&buffer[i + 5]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:94:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entries.push_back(atoi(&buffer[i])); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:97:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). entries.push_back(atoi(&buffer[i + 1])); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:162:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pos.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:194:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.first += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:198:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.second += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:225:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.first += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:229:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.second += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:253:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.first += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:257:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). res.second += atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:274:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support = atoi(&buffer[i + 6]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:277:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). support += atoi(&buffer[i + 4]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:387:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:407:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.num_reads.second = atoi(&buffer[i + 4]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:410:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.num_reads.second = atoi(&buffer[i + 4]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:559:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(filename.c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:627:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.start.pos = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:656:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.quality = atoi(&buffer[i]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:670:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.num_reads.second = atoi(&buffer[i + 4]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:673:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.num_reads.second = atoi(&buffer[i + 4]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:691:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.sv_len = abs((int) atoi(&buffer[i + 8])); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:694:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp.sv_len = abs((int) atoi(&buffer[i + 7])); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:698:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ss << atoi(&buffer[i + 5]); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:876:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myfile.open(names[0].c_str(), std::ifstream::in); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:977:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputfile.c_str(), "w"); data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:996:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(outputfile.c_str(), "w"); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:95:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.insert(pos, "-"); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:100:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.erase(pos, cigar_data[i].Length); data/survivor-1.0.7/src/simulator/Error_scanner.cpp:125:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (j < read.size() && aln_pos != pos) { data/survivor-1.0.7/src/simulator/Error_scanner.cpp:164:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cout << "read: "<<dir<<" "<< read << endl; data/survivor-1.0.7/src/simulator/Error_scanner.cpp:176:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). error_mat[pos][get_id(ref[i])][get_id(read[i])]++; data/survivor-1.0.7/src/simulator/Error_scanner.cpp:177:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read[i] != '-') { data/survivor-1.0.7/src/simulator/Error_scanner.cpp:445:40: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. fprintf(file, "%f", error_profile[i].mismatch / error_profile[i].total); data/survivor-1.0.7/src/simulator/Error_scanner.h:35:9: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. double mismatch; data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:67:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void rev_comp(std::string & read) { data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:69:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string::reverse_iterator i = read.rbegin(); i != read.rend(); i++) { data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:69:61: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (std::string::reverse_iterator i = read.rbegin(); i != read.rend(); i++) { data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:72:2: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read.clear(); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:96:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rev_comp(read); data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:108:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((int)new_seq.size() < len && pos < read.size()) { data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:109:48: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (rand() % 100 < 15 && (pos > 0 && pos < read.size() - 1)) { //why 4?? // ADD MISMATCHES data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:139:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). new_seq += read[pos]; data/survivor-1.0.7/src/simulator/Sim_reads.cpp:255:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (num_N / (double) read.size() > 0.1) { //Obtaining the sequence (avoid large regions of N's) data/survivor-1.0.7/src/simulator/Sim_reads.cpp:276:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (t < read.size()) { data/survivor-1.0.7/src/simulator/Sim_reads.cpp:277:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(read[t]=='N'){ data/survivor-1.0.7/src/simulator/Sim_reads.cpp:278:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read[t]=new_nuc('N'); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:283:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). final_read += read[t]; data/survivor-1.0.7/src/simulator/Sim_reads.cpp:285:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). final_read += new_nuc(read[t]); data/survivor-1.0.7/src/simulator/Sim_reads.cpp:286:85: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. } else if (bp < error_profile[t].ins + error_profile[t].match + error_profile[t].mismatch) { data/survivor-1.0.7/src/simulator/Sim_reads.cpp:287:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). final_read += read[t]; ANALYSIS SUMMARY: Hits = 365 Lines analyzed = 14769 in approximately 0.48 seconds (30470 lines/second) Physical Source Lines of Code (SLOC) = 11697 Hits@level = [0] 808 [1] 24 [2] 334 [3] 7 [4] 0 [5] 0 Hits@level+ = [0+] 1173 [1+] 365 [2+] 341 [3+] 7 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 100.282 [1+] 31.2046 [2+] 29.1528 [3+] 0.598444 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.