Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/tigr-glimmer-3.02b/SimpleMake/delcher.cc Examining data/tigr-glimmer-3.02b/SimpleMake/fasta.cc Examining data/tigr-glimmer-3.02b/SimpleMake/anomaly.cc Examining data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc Examining data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc Examining data/tigr-glimmer-3.02b/SimpleMake/test.cc Examining data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc Examining data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc Examining data/tigr-glimmer-3.02b/SimpleMake/icm.cc Examining data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc Examining data/tigr-glimmer-3.02b/SimpleMake/entropy-profile.cc Examining data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc Examining data/tigr-glimmer-3.02b/SimpleMake/extract.cc Examining data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc Examining data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc Examining data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc Examining data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc Examining data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc Examining data/tigr-glimmer-3.02b/SimpleMake/gene.cc Examining data/tigr-glimmer-3.02b/src/Common/delcher.cc Examining data/tigr-glimmer-3.02b/src/Common/fasta.cc Examining data/tigr-glimmer-3.02b/src/Common/gene.cc Examining data/tigr-glimmer-3.02b/src/Glimmer/test.cc Examining data/tigr-glimmer-3.02b/src/Glimmer/anomaly.cc Examining data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc Examining data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc Examining data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc Examining data/tigr-glimmer-3.02b/src/ICM/icm.cc Examining data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc Examining data/tigr-glimmer-3.02b/src/ICM/build-icm.cc Examining data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc Examining data/tigr-glimmer-3.02b/src/Util/entropy-profile.cc Examining 
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc Examining data/tigr-glimmer-3.02b/src/Util/entropy-score.cc Examining data/tigr-glimmer-3.02b/src/Util/extract.cc Examining data/tigr-glimmer-3.02b/src/Util/multi-extract.cc Examining data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc Examining data/tigr-glimmer-3.02b/src/Util/uncovered.cc FINAL RESULTS: data/tigr-glimmer-3.02b/SimpleMake/anomaly.cc:76:15: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (Line, "%s %ld %ld", Name, & Start, & End) != 3) data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:105:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:68:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:89:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:98:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:329:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/SimpleMake/extract.cc:66:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/SimpleMake/extract.cc:86:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/SimpleMake/extract.cc:95:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/SimpleMake/gene.cc:331:7: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf (fp, "%s", tag); // skip tag in first column data/tigr-glimmer-3.02b/SimpleMake/gene.cc:852:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Name, P); data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2829:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( Ignore_File_Name, P ); data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2843:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( Orflist_File_Name, P ); data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:3001:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %d %d", tag, & start, & stop) != 3) data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:800:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Unexpected event type = %s", data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:1224:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. else if (sscanf (line, "%s %d %d %d", t, & a, & b, & d) == 4) data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2610:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3092:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (line, hdr . c_str ()); data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3097:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tag, p); data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1775:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (line, perm); data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc:1319:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:78:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %s %ld %ld %d", id, tag, & start, & end, & dir) != 5) data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:87:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %s %ld %ld", id, tag, & start, & end) != 4) data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:117:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tag, hdr . c_str ()); data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:66:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to open file %s", data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:86:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:95:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). 
Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:204:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (e . codon, s); data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:68:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:89:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:98:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/src/Common/delcher.cc:106:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, data/tigr-glimmer-3.02b/src/Common/gene.cc:332:7: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. fscanf (fp, "%s", tag); // skip tag in first column data/tigr-glimmer-3.02b/src/Common/gene.cc:853:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (Name, P); data/tigr-glimmer-3.02b/src/Glimmer/anomaly.cc:77:15: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (Line, "%s %ld %ld", Name, & Start, & End) != 3) data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2830:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( Ignore_File_Name, P ); data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2844:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( Orflist_File_Name, P ); data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:3002:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %d %d", tag, & start, & stop) != 3) data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:799:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Unexpected event type = %s", data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:1223:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. else if (sscanf (line, "%s %d %d %d", t, & a, & b, & d) == 4) data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2609:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3091:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (line, hdr . c_str ()); data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3096:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tag, p); data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc:1319:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/src/ICM/icm.cc:1777:12: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (line, perm); data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:68:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:89:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:98:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:329:11: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (fscanf (fp, "%s %lf %lf\n", line, Pos_Entropy_Profile + i, data/tigr-glimmer-3.02b/src/Util/extract.cc:66:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/src/Util/extract.cc:86:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/src/Util/extract.cc:95:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:78:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %s %ld %ld %d", id, tag, & start, & end, & dir) != 5) data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:87:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %s %ld %ld", id, tag, & start, & end) != 4) data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:117:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tag, hdr . c_str ()); data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:67:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to open file %s", data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:87:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:96:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:205:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (e . codon, s); data/tigr-glimmer-3.02b/src/Util/uncovered.cc:68:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (Clean_Exit_Msg_Line, "ERROR: Failed to read file %s", data/tigr-glimmer-3.02b/src/Util/uncovered.cc:89:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld %d", tag, & start, & end, & dir) != 4) data/tigr-glimmer-3.02b/src/Util/uncovered.cc:98:17: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). 
Specify a limit to %s, or use a different input function. if (sscanf (line, "%s %ld %ld", tag, & start, & end) != 3) data/tigr-glimmer-3.02b/SimpleMake/anomaly.cc:303:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, "A:stZ:")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:124:24: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "bd:hi:p:s:tv:")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:160:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:164:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:255:13: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sum += drand48 (); data/tigr-glimmer-3.02b/SimpleMake/entropy-profile.cc:154:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
&& ((ch = getopt_long (argc, argv, "bhl:", data/tigr-glimmer-3.02b/SimpleMake/entropy-profile.cc:158:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "bhl:")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:258:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dE:hl:sw", data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:262:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dE:hl:sw")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/extract.cc:237:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dhl:stw", data/tigr-glimmer-3.02b/SimpleMake/extract.cc:241:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dhl:stw")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:1678:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! 
errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:1682:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc:1161:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc:1165:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:294:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dhl:stw", data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:298:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dhl:stw")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:110:24: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
&& ((ch = getopt (argc, argv, "hINs")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:239:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "dhw3", data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:243:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "dhw3")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:316:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dhl:sw", data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:320:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dhl:sw")) != EOF)) data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc:162:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "hp", data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc:166:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
&& ((ch = getopt (argc, argv, "hp")) != EOF)) data/tigr-glimmer-3.02b/src/Common/delcher.cc:256:13: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. sum += drand48 (); data/tigr-glimmer-3.02b/src/Glimmer/anomaly.cc:304:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, "A:stZ:")) != EOF)) data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:1677:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:1681:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc:1161:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc:1165:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! 
errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:125:24: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "bd:hi:p:s:tv:")) != EOF)) data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:161:31: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt_long (argc, argv, data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:165:31: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while (! errflg && ((ch = getopt (argc, argv, data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:111:24: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "hINs")) != EOF)) data/tigr-glimmer-3.02b/src/Util/entropy-profile.cc:154:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "bhl:", data/tigr-glimmer-3.02b/src/Util/entropy-profile.cc:158:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
&& ((ch = getopt (argc, argv, "bhl:")) != EOF)) data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:258:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dE:hl:sw", data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:262:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dE:hl:sw")) != EOF)) data/tigr-glimmer-3.02b/src/Util/extract.cc:237:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dhl:stw", data/tigr-glimmer-3.02b/src/Util/extract.cc:241:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt (argc, argv, "2dhl:stw")) != EOF)) data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:294:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. && ((ch = getopt_long (argc, argv, "2dhl:stw", data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:298:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
  && ((ch = getopt (argc, argv, "2dhl:stw")) != EOF))
data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:240:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt_long (argc, argv, "dhw3",
data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:244:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt (argc, argv, "dhw3")) != EOF))
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:316:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt_long (argc, argv, "2dhl:sw",
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:320:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt (argc, argv, "2dhl:sw")) != EOF))
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc:162:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt_long (argc, argv, "hp",
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc:166:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  && ((ch = getopt (argc, argv, "hp")) != EOF))
data/tigr-glimmer-3.02b/SimpleMake/anomaly.cc:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * Buffer, Line [MAX_LINE], Name [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/anomaly.cc:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4] = "tag";
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:155:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  perm . push_back (atoi (p));
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Clean_Exit_Msg_Line [MAX_ERROR_MSG_LEN];
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:32:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buff [COMMATIZE_BUFF_LEN];
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:102:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen (fname . c_str (), mode . c_str ());
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:191:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buff [20];
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:196:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buff, "%d", n);
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:336:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:360:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:384:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:323:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/extract.cc:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:314:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [1000];
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:517:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:837:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * P, Line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:264:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char Name [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:272:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Ribosome_Pattern [1 + MAX_RIBOSOME_PATTERN_LEN] = DEFAULT_RIBOSOME_PATTERN;
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:483:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (Data, "tag");
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:1040:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:1149:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Buffer [1 + UPSTREAM_LEN], Codon [4];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:1963:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (Data, "tagctagctag"); // Ensure a stop codon in each frame.
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2282:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codon [4] = "aaa";
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2634:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Ignore_Line [MAX_INPUT], *Token, Delim[] = "\t\n\r\f\x20";
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2666:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Temp[++j] = atoi( Token );
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2987:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2988:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:3516:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4];
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:1108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:1203:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], t [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2100:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad start codon probability %f\n",
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2108:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Start codon probabilities all zero\n");
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2155:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Missing initial event\n");
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2200:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Unexpected event type = %d\n",
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2369:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2604:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:2842:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3017:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "%04d", ++ Gene_ID_Ct);
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3024:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (tag, " ");
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3082:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE], * p;
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3095:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "Seq%04d", seq_num);
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3262:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/glimmer3.cc:3276:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:525:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dist, score [frame] [num_node] . prob, ALPHABET_SIZE * sizeof (float));
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:596:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN];
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:752:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label [2 * 100];
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:954:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:957:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (line, ">ver = %.2f len = %d depth = %d"
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1478:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN];
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1762:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1763:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char perm [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1766:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (line, ">ver=%.2f len=%d depth=%d special=%d type=%d",
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1772:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (perm, " %d", permutation == NULL ? i : permutation [i]);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1774:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (perm, ",%d", permutation == NULL ? i : permutation [i]);
data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc:799:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/long-orfs.cc:1313:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/multi-extract.cc:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], id [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codon [4];
data/tigr-glimmer-3.02b/SimpleMake/start-codon-distrib.cc:186:44: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (vector <Count_Entry_t> & entry, const char s [4])
data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:262:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [100];
data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:274:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "seq%05d", ++ ct);
data/tigr-glimmer-3.02b/SimpleMake/uncovered.cc:283:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "seq%05d", ++ ct);
data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc:194:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad window length = %d", Window_Len);
data/tigr-glimmer-3.02b/SimpleMake/window-acgt.cc:199:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad window skip = %d", Window_Skip);
data/tigr-glimmer-3.02b/src/Common/delcher.cc:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Clean_Exit_Msg_Line [MAX_ERROR_MSG_LEN];
data/tigr-glimmer-3.02b/src/Common/delcher.cc:33:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buff [COMMATIZE_BUFF_LEN];
data/tigr-glimmer-3.02b/src/Common/delcher.cc:103:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen (fname . c_str (), mode . c_str ());
data/tigr-glimmer-3.02b/src/Common/delcher.cc:192:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buff [20];
data/tigr-glimmer-3.02b/src/Common/delcher.cc:197:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buff, "%d", n);
data/tigr-glimmer-3.02b/src/Common/delcher.cc:337:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Common/delcher.cc:361:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Common/delcher.cc:385:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Common/gene.cc:315:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [1000];
data/tigr-glimmer-3.02b/src/Common/gene.cc:518:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Common/gene.cc:838:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * P, Line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/anomaly.cc:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * Buffer, Line [MAX_LINE], Name [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/anomaly.cc:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4] = "tag";
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:265:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char Name [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:273:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Ribosome_Pattern [1 + MAX_RIBOSOME_PATTERN_LEN] = DEFAULT_RIBOSOME_PATTERN;
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:484:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (Data, "tag");
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:1041:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:1150:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Buffer [1 + UPSTREAM_LEN], Codon [4];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:1964:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (Data, "tagctagctag"); // Ensure a stop codon in each frame.
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2283:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codon [4] = "aaa";
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2635:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Ignore_Line [MAX_INPUT], *Token, Delim[] = "\t\n\r\f\x20";
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2667:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Temp[++j] = atoi( Token );
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2988:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2989:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:3517:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char Codon [4];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:1107:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:1202:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], t [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2099:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad start codon probability %f\n",
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2107:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Start codon probabilities all zero\n");
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2154:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Missing initial event\n");
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2199:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Unexpected event type = %d\n",
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2368:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2603:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:2841:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3016:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "%04d", ++ Gene_ID_Ct);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3023:11: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (tag, " ");
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3081:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE], * p;
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3094:8: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "Seq%04d", seq_num);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3261:14: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Glimmer/glimmer3.cc:3275:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line,
data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc:799:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Glimmer/long-orfs.cc:1313:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:156:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  perm . push_back (atoi (p));
data/tigr-glimmer-3.02b/src/ICM/icm.cc:527:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dist, score [frame] [num_node] . prob, ALPHABET_SIZE * sizeof (float));
data/tigr-glimmer-3.02b/src/ICM/icm.cc:598:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN];
data/tigr-glimmer-3.02b/src/ICM/icm.cc:754:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char label [2 * 100];
data/tigr-glimmer-3.02b/src/ICM/icm.cc:956:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/src/ICM/icm.cc:959:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (line, ">ver = %.2f len = %d depth = %d"
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1480:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN];
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1764:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1765:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char perm [ID_STRING_LEN] = {'\0'};
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1768:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (line, ">ver=%.2f len=%d depth=%d special=%d type=%d",
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1774:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (perm, " %d", permutation == NULL ? i : permutation [i]);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1776:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (perm, ",%d", permutation == NULL ? i : permutation [i]);
data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:57:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:323:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/extract.cc:55:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/multi-extract.cc:58:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], id [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:54:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:55:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char codon [4];
data/tigr-glimmer-3.02b/src/Util/start-codon-distrib.cc:187:44: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  (vector <Count_Entry_t> & entry, const char s [4])
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:57:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE], tag [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:262:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag [100];
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:274:12: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "seq%05d", ++ ct);
data/tigr-glimmer-3.02b/src/Util/uncovered.cc:283:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tag, "seq%05d", ++ ct);
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc:44:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAX_LINE];
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc:194:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad window length = %d", Window_Len);
data/tigr-glimmer-3.02b/src/Util/window-acgt.cc:199:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (Clean_Exit_Msg_Line, "ERROR: Bad window skip = %d", Window_Skip);
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:76:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Model_Len = strlen (Training_Data [0]);
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:78:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (int (strlen (Training_Data [i])) != Model_Len)
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:81:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i, int (strlen (Training_Data [i])));
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:236:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:243:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n' && isspace (ch))
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:249:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/SimpleMake/build-fixed.cc:261:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:93:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Training_Data [i]);
data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:273:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:280:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n' && isspace (ch))
data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:286:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/SimpleMake/build-icm.cc:298:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:284:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (s);
data/tigr-glimmer-3.02b/SimpleMake/delcher.cc:404:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (s);
data/tigr-glimmer-3.02b/SimpleMake/entropy-score.cc:156:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (line);
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:134:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:141:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch == ' ')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:148:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:154:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:194:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:201:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch == ' ')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:208:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/SimpleMake/fasta.cc:212:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:841:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((Ch = fgetc (fp)) != EOF && Ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:848:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Len = strlen (Line);
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:872:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((Ch = fgetc (fp)) != EOF && Ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/gene.cc:930:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (s);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:351:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Data_Len = strlen (Data + 1);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:1468:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  M = strlen (P + 1);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:1469:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  N = strlen (T + 1);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2827:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2841:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:2899:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:3078:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Data + 1);
data/tigr-glimmer-3.02b/SimpleMake/glimmer2.cc:3252:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Data + 1);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:961:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (int (strlen (line)) < ID_STRING_LEN);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1175:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1471:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void Fixed_Length_ICM_t :: read
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1551:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buff, w, length);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1599:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buff, w, length);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1714:10: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sub_data [j], data [j], i);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1777:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (line, "\n");
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1779:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (int (strlen (line)) < ID_STRING_LEN);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1825:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1856:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1941:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (data [0]);
data/tigr-glimmer-3.02b/SimpleMake/icm.cc:1970:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (s, buff, n);
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:45:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pos_model . read (Pos_Model_Path);
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:56:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  neg_fixed_model . read (Neg_Model_Path);
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:70:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (string);
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:76:61: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  neg_score = neg_icm_model . Score_String (string, strlen (string), 1);
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:165:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:172:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n' && isspace (ch))
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:178:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/SimpleMake/score-fixed.cc:190:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/src/Common/delcher.cc:285:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (s);
data/tigr-glimmer-3.02b/src/Common/delcher.cc:405:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (s);
data/tigr-glimmer-3.02b/src/Common/fasta.cc:134:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:141:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch == ' ')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:148:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:154:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:194:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:201:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch == ' ')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:208:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '\n')
data/tigr-glimmer-3.02b/src/Common/fasta.cc:212:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != '>')
data/tigr-glimmer-3.02b/src/Common/gene.cc:842:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((Ch = fgetc (fp)) != EOF && Ch != '>')
data/tigr-glimmer-3.02b/src/Common/gene.cc:849:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Len = strlen (Line);
data/tigr-glimmer-3.02b/src/Common/gene.cc:873:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((Ch = fgetc (fp)) != EOF && Ch != '>')
data/tigr-glimmer-3.02b/src/Common/gene.cc:931:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (s);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:352:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Data_Len = strlen (Data + 1);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:1469:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  M = strlen (P + 1);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:1470:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  N = strlen (T + 1);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2828:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2842:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:2900:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  L = strlen (P);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:3079:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Data + 1);
data/tigr-glimmer-3.02b/src/Glimmer/glimmer2.cc:3253:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Data + 1);
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:77:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Model_Len = strlen (Training_Data [0]);
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:79:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (int (strlen (Training_Data [i])) != Model_Len)
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:82:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i, int (strlen (Training_Data [i])));
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:237:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:244:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n') && isspace (ch))
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:254:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n'))
data/tigr-glimmer-3.02b/src/ICM/build-fixed.cc:270:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:94:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (Training_Data [i]);
data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:274:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:281:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n') && isspace (ch))
data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:291:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n'))
data/tigr-glimmer-3.02b/src/ICM/build-icm.cc:307:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/ICM/icm.cc:963:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (int (strlen (line)) < ID_STRING_LEN);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1177:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1473:29: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  void Fixed_Length_ICM_t :: read
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1553:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buff, w, length);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1601:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (buff, w, length);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1716:10: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sub_data [j], data [j], i);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1779:9: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (line, "\n");
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1781:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  assert (int (strlen (line)) < ID_STRING_LEN);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1827:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1858:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = int (strlen (string));
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1943:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (data [0]);
data/tigr-glimmer-3.02b/src/ICM/icm.cc:1972:4: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (s, buff, n);
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:46:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  pos_model . read (Pos_Model_Path);
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:57:27: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  neg_fixed_model . read (Neg_Model_Path);
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:71:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (string);
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:77:61: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  neg_score = neg_icm_model . Score_String (string, strlen (string), 1);
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:166:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:173:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n') && isspace (ch))
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:183:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '\n'))
data/tigr-glimmer-3.02b/src/ICM/score-fixed.cc:199:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc (fp)) != EOF && ch != ((int) '>'))
data/tigr-glimmer-3.02b/src/Util/entropy-score.cc:156:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (line);

ANALYSIS SUMMARY:

Hits = 356
Lines analyzed = 33423 in approximately 1.50 seconds (22334 lines/second)
Physical Source Lines of Code (SLOC) = 23620
Hits@level = [0] 768 [1] 110 [2] 136 [3] 48 [4] 62 [5] 0
Hits@level+ = [0+] 1124 [1+] 356 [2+] 246 [3+] 110 [4+] 62 [5+] 0
Hits/KSLOC@level+ = [0+] 47.5868 [1+] 15.072 [2+] 10.4149 [3+] 4.65707 [4+] 2.62489 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.