Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/tercpp-0.6.2+svn46/test/main.cpp
Examining data/tercpp-0.6.2+svn46/src/bestShiftStruct.h
Examining data/tercpp-0.6.2+svn46/src/infosHasher.h
Examining data/tercpp-0.6.2+svn46/src/stringInfosHasher.cpp
Examining data/tercpp-0.6.2+svn46/src/alignmentStruct.cpp
Examining data/tercpp-0.6.2+svn46/src/hashMap.h
Examining data/tercpp-0.6.2+svn46/src/hashMapStringInfos.h
Examining data/tercpp-0.6.2+svn46/src/terAlignment.cpp
Examining data/tercpp-0.6.2+svn46/src/tercalc.cpp
Examining data/tercpp-0.6.2+svn46/src/multiEvaluation.h
Examining data/tercpp-0.6.2+svn46/src/tercalc.h
Examining data/tercpp-0.6.2+svn46/src/sgmlDocument.cpp
Examining data/tercpp-0.6.2+svn46/src/sgmlDocument.h
Examining data/tercpp-0.6.2+svn46/src/terEvaluation.h
Examining data/tercpp-0.6.2+svn46/src/documentStructure.h
Examining data/tercpp-0.6.2+svn46/src/terShift.cpp
Examining data/tercpp-0.6.2+svn46/src/hashMap.cpp
Examining data/tercpp-0.6.2+svn46/src/tools.h
Examining data/tercpp-0.6.2+svn46/src/alignmentStruct.h
Examining data/tercpp-0.6.2+svn46/src/stringInfosHasher.h
Examining data/tercpp-0.6.2+svn46/src/segmentStructure.h
Examining data/tercpp-0.6.2+svn46/src/hashMapStringInfos.cpp
Examining data/tercpp-0.6.2+svn46/src/hashMapInfos.cpp
Examining data/tercpp-0.6.2+svn46/src/stringHasher.h
Examining data/tercpp-0.6.2+svn46/src/terShift.h
Examining data/tercpp-0.6.2+svn46/src/documentStructure.cpp
Examining data/tercpp-0.6.2+svn46/src/terAlignment.h
Examining data/tercpp-0.6.2+svn46/src/segmentStructure.cpp
Examining data/tercpp-0.6.2+svn46/src/stringHasher.cpp
Examining data/tercpp-0.6.2+svn46/src/hashMapInfos.h
Examining data/tercpp-0.6.2+svn46/src/xmlStructure.h
Examining data/tercpp-0.6.2+svn46/src/multiTxtDocument.cpp
Examining data/tercpp-0.6.2+svn46/src/multiTxtDocument.h
Examining data/tercpp-0.6.2+svn46/src/tools.cpp
Examining data/tercpp-0.6.2+svn46/src/infosHasher.cpp
Examining data/tercpp-0.6.2+svn46/src/xmlStructure.cpp
Examining data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp

FINAL RESULTS:

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:121:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( outputCharBuffer, "%19s | %4s | %4s | %4s | %4s | %4s | %6s | %8s | %8s", "Sent Id", "Ins", "Del", "Sub", "Shft", "WdSh", "NumEr", "AvNumWd", "TER");

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:155:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f",(l_id+":"+bestDocId).c_str(), l_result.numIns, l_result.numDel, l_result.numSub, l_result.numSft, l_result.numWsf, l_result.numEdits, l_result.averageWords, l_result.scoreAv()*100.0);

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:187:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f", "TOTAL", tot_ins, tot_del, tot_sub, tot_sft, tot_wsf, tot_err, tot_wds, tot_err*100.0 / tot_wds );

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:357:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( outputCharBuffer, "%19s | %4s | %4s | %4s | %4s | %4s | %6s | %8s | %8s", "Sent Id", "Ins", "Del", "Sub", "Shft", "WdSh", "NumEr", "AvNumWd", "TER");

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:390:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f",(l_id+":"+bestDocId).c_str(), l_result.numIns, l_result.numDel, l_result.numSub, l_result.numSft, l_result.numWsf, l_result.numEdits, l_result.averageWords, l_result.scoreAv()*100.0);

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:419:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf ( outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f", "TOTAL", tot_ins, tot_del, tot_sub, tot_sft, tot_wsf, tot_err, tot_wds, tot_err*100.0 / tot_wds );

data/tercpp-0.6.2+svn46/test/main.cpp:358:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBuffer, "%19s | %4s | %4s | %4s | %4s | %4s | %6s | %8s | %8s","Sent Id", "Ins", "Del", "Sub", "Shft", "WdSh", "NumEr", "NumWd", "TER");

data/tercpp-0.6.2+svn46/test/main.cpp:390:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f",((l_id.substr(1,l_id.size()-2))+":1").c_str(), result.numIns, result.numDel, result.numSub, result.numSft, result.numWsf, result.numEdits, result.numWords, result.score()*100.0);

data/tercpp-0.6.2+svn46/test/main.cpp:402:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f", "TOTAL", tot_ins, tot_del, tot_sub, tot_sft, tot_wsf, tot_err, tot_wds, tot_err*100.0/tot_wds);

data/tercpp-0.6.2+svn46/test/main.cpp:559:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBuffer, "%19s | %4s | %4s | %4s | %4s | %4s | %6s | %8s | %8s","Sent Id", "Ins", "Del", "Sub", "Shft", "WdSh", "NumEr", "NumWd", "TER");

data/tercpp-0.6.2+svn46/test/main.cpp:591:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f",((l_id.substr(1,l_id.size()-2))+":1").c_str(), result.numIns, result.numDel, result.numSub, result.numSft, result.numWsf, result.numEdits, result.numWords, result.score()*100.0);

data/tercpp-0.6.2+svn46/test/main.cpp:603:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(outputCharBufferTmp, "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f", "TOTAL", tot_ins, tot_del, tot_sub, tot_sft, tot_wsf, tot_err, tot_wds, tot_err*100.0/tot_wds);

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:116:23:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outputAlignments.open( ( evalParameters.hypothesisFile + ".alignments" ).c_str() );

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:120:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBuffer[200];

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:154:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:185:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:356:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBuffer[200];

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:389:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/src/multiEvaluation.cpp:417:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/src/tercalc.h:45:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char P[1000][1000];

data/tercpp-0.6.2+svn46/src/tools.cpp:156:47:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  to_return.push_back ( atoi ( to_push.c_str() ) );

data/tercpp-0.6.2+svn46/src/tools.cpp:169:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  to_return.push_back ( atoi ( to_push.c_str() ) );

data/tercpp-0.6.2+svn46/src/tools.cpp:201:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  to_return.push_back ( atoi ( to_push.c_str() ) );

data/tercpp-0.6.2+svn46/test/main.cpp:67:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  p.debugLevel = atoi(infos.c_str());

data/tercpp-0.6.2+svn46/test/main.cpp:357:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBuffer[200];

data/tercpp-0.6.2+svn46/test/main.cpp:389:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/test/main.cpp:400:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/test/main.cpp:558:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBuffer[200];

data/tercpp-0.6.2+svn46/test/main.cpp:590:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/test/main.cpp:601:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputCharBufferTmp[200];

data/tercpp-0.6.2+svn46/src/xmlStructure.cpp:26:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  static const unsigned int LENGTH = strlen ( pINDENT );

data/tercpp-0.6.2+svn46/src/xmlStructure.cpp:38:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  static const unsigned int LENGTH = strlen ( pINDENT );

ANALYSIS SUMMARY:

Hits = 32
Lines analyzed = 6532 in approximately 0.17 seconds (39359 lines/second)
Physical Source Lines of Code (SLOC) = 4279
Hits@level = [0]  18 [1]   2 [2]  18 [3]   0 [4]  12 [5]   0
Hits@level+ = [0+]  50 [1+]  32 [2+]  30 [3+]  12 [4+]  12 [5+]   0
Hits/KSLOC@level+ = [0+] 11.685 [1+] 7.47838 [2+] 7.01098 [3+] 2.80439 [4+] 2.80439 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
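The two hit classes that matter most in this report are the twelve level-4 sprintf calls (each writing into one of the char[200] buffers flagged at level 2) and the four atoi calls. The sprintf rows use "%19s" for the sentence id; in printf, a width is a minimum, not a maximum, so an id longer than 19 bytes simply makes the row longer, and the %4d / %6.1f / %8.3f fields have no upper bound either. The example below is added here and is not tercpp code: it reuses the flagged row format verbatim, measures what the original format would have written, and shows a bounded replacement that checks snprintf's return value, plus a strtol-based replacement for the atoi pattern in tools.cpp. All function and parameter names (formatRow, parseIntChecked, parseIntList, rowLengthWithOriginalFormat) are hypothetical.

```cpp
// Added example, not part of tercpp: bounded replacements for the
// sprintf-into-char[200] and atoi() patterns Flawfinder reports above.
// Function and parameter names here are hypothetical.
#include <cerrno>
#include <climits>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <string>
#include <vector>

// Same row layout as the flagged multiEvaluation.cpp / main.cpp calls.
// "%19s" is a MINIMUM width: a sentence id longer than 19 bytes just makes
// the row longer.  "%19.19s" keeps the alignment and caps the id at 19 bytes.
static const char* const kRowFormatOriginal =
    "%19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f";
static const char* const kRowFormatBounded =
    "%19.19s | %4d | %4d | %4d | %4d | %4d | %6.1f | %8.3f | %8.3f";

// Bytes (excluding the NUL) the ORIGINAL format would write for this row.
// snprintf with a null buffer and size 0 only measures, so this is a safe
// way to show when sprintf into char[200] would have overflowed.
int rowLengthWithOriginalFormat(const std::string& id, int ins, int del, int sub,
                                int sft, int wsf, double numEdits,
                                double numWords, double score)
{
    return std::snprintf(nullptr, 0, kRowFormatOriginal, id.c_str(), ins, del,
                         sub, sft, wsf, numEdits, numWords, score);
}

// Hardened replacement: writes into buf[bufSize] with snprintf and reports
// whether the whole row fit.  The return-value check matters even with
// "%.19s", because the %d and %f fields still have no maximum width.
bool formatRow(char* buf, std::size_t bufSize, const std::string& id, int ins,
               int del, int sub, int sft, int wsf, double numEdits,
               double numWords, double score)
{
    int n = std::snprintf(buf, bufSize, kRowFormatBounded, id.c_str(), ins, del,
                          sub, sft, wsf, numEdits, numWords, score);
    // n < 0: encoding error; n >= bufSize: output was truncated to fit.
    return n >= 0 && static_cast<std::size_t>(n) < bufSize;
}

// Replacement for atoi(): accepts only a complete decimal integer within
// [lo, hi]; rejects empty input, trailing garbage and out-of-range values
// (atoi silently returns 0 or an overflowed value for all of these).
bool parseIntChecked(const std::string& s, long lo, long hi, int& out)
{
    if (s.empty()) return false;
    errno = 0;
    char* end = nullptr;
    long v = std::strtol(s.c_str(), &end, 10);
    if (errno == ERANGE || end == s.c_str() || *end != '\0') return false;
    if (v < lo || v > hi) return false;
    out = static_cast<int>(v);
    return true;
}

// Mirrors the tools.cpp loop that splits a line on a separator and atoi()s
// each token, but fails closed: any bad token rejects the whole line and
// leaves `out` untouched.
bool parseIntList(const std::string& line, char sep, std::vector<int>& out)
{
    std::vector<int> parsed;
    std::string token;
    for (std::size_t i = 0; i <= line.size(); ++i) {
        if (i == line.size() || line[i] == sep) {
            int v = 0;
            if (!parseIntChecked(token, INT_MIN, INT_MAX, v)) return false;
            parsed.push_back(v);
            token.clear();
        } else {
            token += line[i];
        }
    }
    out.swap(parsed);
    return true;
}

int main()
{
    // Constructed input: a 250-byte sentence id, well past the 19-byte column.
    std::string longId(250, 'x');
    std::printf("original format needs %d bytes for a char[200] buffer\n",
                rowLengthWithOriginalFormat(longId, 1, 2, 3, 0, 0, 6.0, 10.0, 60.0));
    char row[200];
    if (formatRow(row, sizeof row, longId, 1, 2, 3, 0, 0, 6.0, 10.0, 60.0))
        std::printf("%s\n", row);
    std::vector<int> ids;
    std::printf("\"1,2,x\" accepted: %d\n", parseIntList("1,2,x", ',', ids) ? 1 : 0);
    return 0;
}
```

With the 250-byte id the original format needs 316 bytes, so the sprintf calls at multiEvaluation.cpp:155 and main.cpp:390 overrun their char[200] buffers as soon as a hypothesis file carries a long segment id; the bounded version produces the same 85-byte row as for a short id. The integer helpers fail closed rather than mapping bad input to 0, which is what the flagged atoi calls in tools.cpp would do.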