Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/survivor-1.0.7/src/CorrectAllele.cpp
Examining data/survivor-1.0.7/src/CorrectAllele.h
Examining data/survivor-1.0.7/src/DetectDif.cpp
Examining data/survivor-1.0.7/src/DetectDif.h
Examining data/survivor-1.0.7/src/Extract_Seq.cpp
Examining data/survivor-1.0.7/src/Extract_Seq.h
Examining data/survivor-1.0.7/src/GzipStream.h
Examining data/survivor-1.0.7/src/SURVIVOR.cpp
Examining data/survivor-1.0.7/src/Summarize_SV.cpp
Examining data/survivor-1.0.7/src/Summarize_SV.h
Examining data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp
Examining data/survivor-1.0.7/src/analysis_sv/GIAB_summary.h
Examining data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp
Examining data/survivor-1.0.7/src/analysis_sv/MT_identifier.h
Examining data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp
Examining data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.h
Examining data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp
Examining data/survivor-1.0.7/src/analysis_sv/Select_samples.h
Examining data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp
Examining data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.h
Examining data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp
Examining data/survivor-1.0.7/src/analysis_sv/Summ_mat.h
Examining data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp
Examining data/survivor-1.0.7/src/convert/ConvertMQ0Bed.h
Examining data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp
Examining data/survivor-1.0.7/src/convert/Convert_Assemblytics.h
Examining data/survivor-1.0.7/src/convert/Convert_Bionano.cpp
Examining data/survivor-1.0.7/src/convert/Convert_Bionano.h
Examining data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp
Examining data/survivor-1.0.7/src/convert/Convert_Honey_tails.h
Examining data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp
Examining data/survivor-1.0.7/src/convert/Convert_MUMmer.h
Examining data/survivor-1.0.7/src/convert/Convert_Pindel.cpp
Examining data/survivor-1.0.7/src/convert/Convert_Pindel.h
Examining data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp
Examining data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.h
Examining data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp
Examining data/survivor-1.0.7/src/convert/Convert_hapcut2.h
Examining data/survivor-1.0.7/src/convert/Process_Coverage.cpp
Examining data/survivor-1.0.7/src/convert/Process_Coverage.h
Examining data/survivor-1.0.7/src/convert/Process_Lumpy.cpp
Examining data/survivor-1.0.7/src/convert/Process_Lumpy.h
Examining data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp
Examining data/survivor-1.0.7/src/convert/Update_bam_pacbio.h
Examining data/survivor-1.0.7/src/merge_vcf/IntervallTree.cpp
Examining data/survivor-1.0.7/src/merge_vcf/IntervallTree.h
Examining data/survivor-1.0.7/src/merge_vcf/Paramer.h
Examining data/survivor-1.0.7/src/merge_vcf/TNode.h
Examining data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp
Examining data/survivor-1.0.7/src/merge_vcf/combine_svs.h
Examining data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp
Examining data/survivor-1.0.7/src/phasing/Phasing_vcf.h
Examining data/survivor-1.0.7/src/scrup_vcf/scrup_svs.cpp
Examining data/survivor-1.0.7/src/scrup_vcf/scrup_vcf.h
Examining data/survivor-1.0.7/src/simulator/Error_scanner.cpp
Examining data/survivor-1.0.7/src/simulator/Error_scanner.h
Examining data/survivor-1.0.7/src/simulator/Eval_vcf.cpp
Examining data/survivor-1.0.7/src/simulator/Eval_vcf.h
Examining data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp
Examining data/survivor-1.0.7/src/simulator/Pac_Simulator.h
Examining data/survivor-1.0.7/src/simulator/SV_Simulator.cpp
Examining data/survivor-1.0.7/src/simulator/SV_Simulator.h
Examining data/survivor-1.0.7/src/simulator/Sim_reads.cpp
Examining data/survivor-1.0.7/src/simulator/Sim_reads.h
Examining data/survivor-1.0.7/src/simulator/test_cov.cpp
Examining data/survivor-1.0.7/src/simulator/test_cov.h
Examining data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp
Examining data/survivor-1.0.7/src/snp_overlap/Overlap_snps.h
Examining data/survivor-1.0.7/src/structs.h
Examining data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp
Examining data/survivor-1.0.7/src/vcfs/Annotate_vcf.h
Examining data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp
Examining data/survivor-1.0.7/src/vcfs/Combine_3_VCF.h
Examining data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp
Examining data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.h
Examining data/survivor-1.0.7/src/vcfs/Detect_nested.cpp
Examining data/survivor-1.0.7/src/vcfs/Detect_nested.h
Examining data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp
Examining data/survivor-1.0.7/src/vcfs/Filter_vcf.h
Examining data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp
Examining data/survivor-1.0.7/src/vcfs/Generate_distMat.h
Examining data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp
Examining data/survivor-1.0.7/src/vcfs/Merge_VCF.h
FINAL RESULTS:
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:192:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:498:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:599:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:948:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:203:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/simulator/test_cov.cpp:35:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:745:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/survivor-1.0.7/src/CorrectAllele.cpp:26:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(table.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/CorrectAllele.cpp:85:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/CorrectAllele.cpp:88:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/DetectDif.cpp:26:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stop = atoi(&buffer[i + 2]);
data/survivor-1.0.7/src/DetectDif.cpp:37:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/DetectDif.cpp:57:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
svs.start = atoi(&buffer[i]);
data/survivor-1.0.7/src/Extract_Seq.cpp:16:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(reference_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/Extract_Seq.cpp:247:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputfile.c_str(), "w");
data/survivor-1.0.7/src/SURVIVOR.cpp:59:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bool coordinates = bool(atoi(argv[5]) == 0);
data/survivor-1.0.7/src/SURVIVOR.cpp:81:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
generate_error_profile(atoi(argv[2]), false, std::string(argv[3]));
data/survivor-1.0.7/src/SURVIVOR.cpp:93:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
simulate_reads(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:105:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eval_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:125:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:125:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:125:90: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:125:105: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:125:120: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atof(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:140:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8]));
data/survivor-1.0.7/src/SURVIVOR.cpp:140:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8]));
data/survivor-1.0.7/src/SURVIVOR.cpp:140:105: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
filter_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atof(argv[6]), atoi(argv[7]), std::string(argv[8]));
data/survivor-1.0.7/src/SURVIVOR.cpp:153:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:153:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:175:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:175:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:184:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:184:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:184:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:186:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:186:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:197:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlapp_mummer(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:232:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
process_Assemblytics(std::string(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:242:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_venn(std::string(argv[2]), bool(atoi(argv[3])==1), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:325:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(argv[1])) {
data/survivor-1.0.7/src/SURVIVOR.cpp:328:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bool coordinates = bool(atoi(argv[5]) == 0);
data/survivor-1.0.7/src/SURVIVOR.cpp:349:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bool error_mat = bool(atoi(argv[4]) == 1);
data/survivor-1.0.7/src/SURVIVOR.cpp:350:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
generate_error_profile(atoi(argv[3]), error_mat, std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:360:66: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
simulate_reads(std::string(argv[3]), std::string(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:382:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eval_vcf(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:90: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:105: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:402:120: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
combine_calls_svs(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), atoi(argv[7]), atoi(argv[8]), std::string(argv[9]));
data/survivor-1.0.7/src/SURVIVOR.cpp:416:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
generate_gene_list(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:439:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:439:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:461:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
process_Honey(std::string(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:471:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
process_Assemblytics(std::string(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:481:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:481:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
comp_mq0bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:490:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:490:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:490:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:493:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:493:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summary_SV_stream(atoi(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:513:60: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
eval_paper(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:540:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:540:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
parse_VCF_to_bed(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:576:49: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summarize_badcoverage(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:576:64: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summarize_badcoverage(std::string(argv[2]), atoi(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:586:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summarize_VCF_files(std::string(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:634:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
summarize_svs_table_window_stream(atoi(argv[2]), std::string(argv[3]));
data/survivor-1.0.7/src/SURVIVOR.cpp:654:68: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7]));
data/survivor-1.0.7/src/SURVIVOR.cpp:654:83: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7]));
data/survivor-1.0.7/src/SURVIVOR.cpp:654:98: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlap_snpsGWASDB(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), std::string(argv[7]));
data/survivor-1.0.7/src/SURVIVOR.cpp:667:67: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlap_snps_gwas(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:667:82: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlap_snps_gwas(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), atoi(argv[5]), std::string(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:678:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
convert_mummer_svs(std::string(argv[2]), atoi(argv[3]), std::string(argv[4]));
data/survivor-1.0.7/src/SURVIVOR.cpp:688:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:688:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:688:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:688:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:688:73: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
est_cov(atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]), atoi(argv[6]));
data/survivor-1.0.7/src/SURVIVOR.cpp:700:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
simplify_svs(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:710:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
overlapp_mummer(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/SURVIVOR.cpp:720:73: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
generate_random_regions(std::string(argv[2]), std::string(argv[3]), atoi(argv[4]), std::string(argv[5]));
data/survivor-1.0.7/src/Summarize_SV.cpp:135:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:144:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:209:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:291:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
supp = atoi(&line[i + 5]);
data/survivor-1.0.7/src/Summarize_SV.cpp:372:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * file = fopen(out.c_str(), "a");
data/survivor-1.0.7/src/Summarize_SV.cpp:401:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:411:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:476:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/Summarize_SV.cpp:541:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/Summarize_SV.cpp:600:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:190:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), ifstream::in);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:197:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:267:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), ifstream::in);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:289:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.support[0] += atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:292:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.support[1] += atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:295:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.support[2] += atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:298:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.support[3] += atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:300:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.support[4] += atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:332:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/GIAB_summary.cpp:418:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp:46:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/MT_identifier.cpp:57:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.MQ = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:16:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:46:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:67:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:70:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stop = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:74:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:133:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_SVs_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/analysis_sv/MUMmer_overlap.cpp:141:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp:30:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/analysis_sv/Select_samples.cpp:125:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:59:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sv.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:68:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sv.stop.pos = atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:150:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(pop_file.c_str(), ifstream::in);
data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:197:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), ifstream::in);
data/survivor-1.0.7/src/analysis_sv/Simplify_SVs.cpp:209:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:79:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(venn_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:89:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:111:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:168:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/analysis_sv/Summ_mat.cpp:193:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:15:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(cov_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:36:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
current = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/ConvertMQ0Bed.cpp:39:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cov = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:59:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(assemblytics.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:78:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:81:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:93:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dist= abs(atoi(&buffer[i]));
data/survivor-1.0.7/src/convert/Convert_Assemblytics.cpp:142:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:63:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(bionano.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:88:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
query_start = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:91:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
query_stop = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:94:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:97:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:133:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(bionano.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:172:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:175:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:178:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.sv_len = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:199:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_Bionano.cpp:211:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:32:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(assemblytics.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:55:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:58:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:67:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dist= abs(atoi(&buffer[i]));
data/survivor-1.0.7/src/convert/Convert_Honey_tails.cpp:117:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:45:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(mummer.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:56:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:73:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:76:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stop = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_MUMmer.cpp:79:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:79:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(pindel_vcf.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:100:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.start.pos=atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:103:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.stop.pos=atoi(&buffer[i+4]);
data/survivor-1.0.7/src/convert/Convert_Pindel.cpp:112:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
support=atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:58:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:90:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:172:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:192:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:233:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:357:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(bedfile.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:363:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:377:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.start.pos = atoi(&buffer[i])-1;
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:380:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.stop.pos = atoi(&buffer[i])-1;
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:406:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:459:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcffile.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:465:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:478:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(&buffer[i + 1]);
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:503:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_VCF_to_BED.cpp:523:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:16:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(hapcut2.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:42:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:82:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(orig_snp.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:87:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Convert_hapcut2.cpp:115:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Coverage.cpp:14:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Process_Coverage.cpp:21:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Process_Coverage.cpp:55:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Coverage.cpp:58:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cov = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:32:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
support += atoi(&line[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:51:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:58:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:184:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(lumpy_bede.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:190:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * file = fopen(output.c_str(), "a");
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:205:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:212:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
region.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:249:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:289:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "a");
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:368:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out_vcf.c_str(), "w");
data/survivor-1.0.7/src/convert/Process_Lumpy.cpp:373:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(in_vcf.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:30:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(unmapped_sam.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:62:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(mapped_sam.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/convert/Update_bam_pacbio.cpp:69:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(output_sam.c_str(), "w");
data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:590:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:611:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chrs[name] = atoi(&buffer[i + 1]);
data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:667:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/merge_vcf/combine_svs.cpp:751:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:14:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(hapcut_output.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:46:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.position = atoi(&buffer[i]);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:74:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(parents_vcf.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:91:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:143:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(gatk_output.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:160:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:237:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(snp_output.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:255:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:285:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(parents_vcf.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:302:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/phasing/Phasing_vcf.cpp:362:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:120:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(&md[i]) == 0 && md[i] != '0') && md[i] != '^') { //is not a number
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:157:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos += atoi(&md[i]);
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:238:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(&md[i]) == 0 && md[i] != '0')) { //is not a number
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:260:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos += atoi(&md[i]);
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:295:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((atoi(&buffer[i]) == 0 && buffer[i] != '0')) { //not a number:
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:301:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.Length = atoi(&buffer[i]);
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:436:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:459:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:40:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:56:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:62:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:110:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gq = atoi(&entry[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:113:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dr = atoi(&entry[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:116:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dv = atoi(&entry[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:119:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rr = atoi(&entry[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:122:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rv = atoi(&entry[i]);
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:205:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
right = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/Eval_vcf.cpp:209:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
addition = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:170:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(genome.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:182:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:186:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:190:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sam = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:29:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(&buffer[i]);
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:50:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:123:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(ref_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:675:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:713:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:722:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:834:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:974:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/simulator/SV_Simulator.cpp:1008:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(parameter_file.c_str(), "w");
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:14:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(genome_file.c_str(), ifstream::in);
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:159:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(error_profile_file.c_str(), ifstream::in);
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:225:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:20:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:53:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:126:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:131:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(snp_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:162:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:173:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pop = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:283:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:289:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:311:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:326:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(svs_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:342:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:345:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:348:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.type = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:413:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:619:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(snp_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:625:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:652:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pop = atoi(&buffer[i]);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:703:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(genome_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/snp_overlap/Overlap_snps.cpp:747:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:23:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(gtf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:46:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.region.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:50:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.region.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:76:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(gtf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:93:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.region.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:97:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.region.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:171:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputfile.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:254:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(LTR_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:289:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:292:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:296:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(&buffer[i]) == 1) {
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:342:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:382:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:425:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:457:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:552:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:569:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
svs.start = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:575:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
svs.stop = atoi(&buffer[i + 5]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:596:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(annotation.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:616:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:620:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
stop = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Annotate_vcf.cpp:656:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:103:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
final = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:139:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
final = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Combine_3_VCF.cpp:143:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unique = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:38:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:99:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
combined = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:103:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unique_delly = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Compoverlap_VCF.cpp:107:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
unique_lumpy = fopen(out.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Detect_nested.cpp:14:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Detect_nested.cpp:46:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:22:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
gq = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:25:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dr = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:28:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dv = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:31:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rr = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:34:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rv = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:37:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lumpy = atoi(&entry[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:86:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:101:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:104:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.stop.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:134:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:140:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputvcf.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:181:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(vcf_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:187:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputvcf.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:204:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
len = atoi(&buffer[i + 6]);
data/survivor-1.0.7/src/vcfs/Filter_vcf.cpp:243:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(venn_file.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:19:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:74:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Generate_distMat.cpp:147:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * file = fopen(output.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:17:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:42:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos.pos = atoi(&buffer[i + 5]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:94:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entries.push_back(atoi(&buffer[i]));
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:97:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
entries.push_back(atoi(&buffer[i + 1]));
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:162:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pos.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:194:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.first += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:198:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.second += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:225:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.first += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:229:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.second += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:253:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.first += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:257:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
res.second += atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:274:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
support = atoi(&buffer[i + 6]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:277:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
support += atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:387:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:407:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.num_reads.second = atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:410:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.num_reads.second = atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:559:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(filename.c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:627:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.start.pos = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:656:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.quality = atoi(&buffer[i]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:670:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.num_reads.second = atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:673:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.num_reads.second = atoi(&buffer[i + 4]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:691:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.sv_len = abs((int) atoi(&buffer[i + 8]));
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:694:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tmp.sv_len = abs((int) atoi(&buffer[i + 7]));
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:698:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ss << atoi(&buffer[i + 5]);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:876:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
myfile.open(names[0].c_str(), std::ifstream::in);
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:977:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputfile.c_str(), "w");
data/survivor-1.0.7/src/vcfs/Merge_VCF.cpp:996:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(outputfile.c_str(), "w");
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:95:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.insert(pos, "-");
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:100:4: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.erase(pos, cigar_data[i].Length);
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:125:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (j < read.size() && aln_pos != pos) {
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:164:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cout << "read: "<<dir<<" "<< read << endl;
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:176:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
error_mat[pos][get_id(ref[i])][get_id(read[i])]++;
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:177:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read[i] != '-') {
data/survivor-1.0.7/src/simulator/Error_scanner.cpp:445:40: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
fprintf(file, "%f", error_profile[i].mismatch / error_profile[i].total);
data/survivor-1.0.7/src/simulator/Error_scanner.h:35:9: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
double mismatch;
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:67:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void rev_comp(std::string & read) {
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:69:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (std::string::reverse_iterator i = read.rbegin(); i != read.rend(); i++) {
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:69:61: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (std::string::reverse_iterator i = read.rbegin(); i != read.rend(); i++) {
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:72:2: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read.clear();
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:96:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
rev_comp(read);
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:108:46: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((int)new_seq.size() < len && pos < read.size()) {
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:109:48: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (rand() % 100 < 15 && (pos > 0 && pos < read.size() - 1)) { //why 4?? // ADD MISMATCHES
data/survivor-1.0.7/src/simulator/Pac_Simulator.cpp:139:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
new_seq += read[pos];
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:255:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (num_N / (double) read.size() > 0.1) { //Obtaining the sequence (avoid large regions of N's)
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:276:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (t < read.size()) {
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:277:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(read[t]=='N'){
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:278:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read[t]=new_nuc('N');
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:283:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
final_read += read[t];
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:285:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
final_read += new_nuc(read[t]);
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:286:85: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
} else if (bp < error_profile[t].ins + error_profile[t].match + error_profile[t].mismatch) {
data/survivor-1.0.7/src/simulator/Sim_reads.cpp:287:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
final_read += read[t];
ANALYSIS SUMMARY:
Hits = 365
Lines analyzed = 14769 in approximately 0.48 seconds (30470 lines/second)
Physical Source Lines of Code (SLOC) = 11697
Hits@level = [0] 808 [1] 24 [2] 334 [3] 7 [4] 0 [5] 0
Hits@level+ = [0+] 1173 [1+] 365 [2+] 341 [3+] 7 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 100.282 [1+] 31.2046 [2+] 29.1528 [3+] 0.598444 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.