stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/votca-csg-1.6.2/CMakeModules/CheckFunctionExists.cpp
Examining data/votca-csg-1.6.2/include/votca/csg/basebead.h
Examining data/votca-csg-1.6.2/include/votca/csg/bead.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadlist.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadmotif.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadmotifalgorithms.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadmotifconnector.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadpair.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadstructure.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadstructurealgorithms.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadtriple.h
Examining data/votca-csg-1.6.2/include/votca/csg/beadtype.h
Examining data/votca-csg-1.6.2/include/votca/csg/boundarycondition.h
Examining data/votca-csg-1.6.2/include/votca/csg/cgengine.h
Examining data/votca-csg-1.6.2/include/votca/csg/cgmoleculedef.h
Examining data/votca-csg-1.6.2/include/votca/csg/cgobserver.h
Examining data/votca-csg-1.6.2/include/votca/csg/csgapplication.h
Examining data/votca-csg-1.6.2/include/votca/csg/exclusionlist.h
Examining data/votca-csg-1.6.2/include/votca/csg/fileformatfactory.h
Examining data/votca-csg-1.6.2/include/votca/csg/imcio.h
Examining data/votca-csg-1.6.2/include/votca/csg/interaction.h
Examining data/votca-csg-1.6.2/include/votca/csg/map.h
Examining data/votca-csg-1.6.2/include/votca/csg/molecule.h
Examining data/votca-csg-1.6.2/include/votca/csg/moleculeitem.h
Examining data/votca-csg-1.6.2/include/votca/csg/nblist.h
Examining data/votca-csg-1.6.2/include/votca/csg/nblist_3body.h
Examining data/votca-csg-1.6.2/include/votca/csg/nblistgrid.h
Examining data/votca-csg-1.6.2/include/votca/csg/nblistgrid_3body.h
Examining data/votca-csg-1.6.2/include/votca/csg/nematicorder.h
Examining data/votca-csg-1.6.2/include/votca/csg/openbox.h
Examining data/votca-csg-1.6.2/include/votca/csg/orthorhombicbox.h
Examining data/votca-csg-1.6.2/include/votca/csg/pairlist.h
Examining data/votca-csg-1.6.2/include/votca/csg/pdbwriter.h
Examining data/votca-csg-1.6.2/include/votca/csg/potentialfunctions/potentialfunction.h
Examining data/votca-csg-1.6.2/include/votca/csg/potentialfunctions/potentialfunctioncbspl.h
Examining data/votca-csg-1.6.2/include/votca/csg/potentialfunctions/potentialfunctionlj126.h
Examining data/votca-csg-1.6.2/include/votca/csg/potentialfunctions/potentialfunctionljg.h
Examining data/votca-csg-1.6.2/include/votca/csg/residue.h
Examining data/votca-csg-1.6.2/include/votca/csg/topology.h
Examining data/votca-csg-1.6.2/include/votca/csg/topologyitem.h
Examining data/votca-csg-1.6.2/include/votca/csg/topologymap.h
Examining data/votca-csg-1.6.2/include/votca/csg/topologyreader.h
Examining data/votca-csg-1.6.2/include/votca/csg/trajectoryreader.h
Examining data/votca-csg-1.6.2/include/votca/csg/trajectorywriter.h
Examining data/votca-csg-1.6.2/include/votca/csg/triclinicbox.h
Examining data/votca-csg-1.6.2/include/votca/csg/triplelist.h
Examining data/votca-csg-1.6.2/include/votca/csg/version.h
Examining data/votca-csg-1.6.2/include/votca/csg/xyzreader.h
Examining data/votca-csg-1.6.2/include/votca/csg/xyzwriter.h
Examining data/votca-csg-1.6.2/share/template/template_serial.cc
Examining data/votca-csg-1.6.2/share/template/template_threaded.cc
Examining data/votca-csg-1.6.2/src/csg_boltzmann/analysistool.h
Examining data/votca-csg-1.6.2/src/csg_boltzmann/bondedstatistics.cc
Examining data/votca-csg-1.6.2/src/csg_boltzmann/bondedstatistics.h
Examining data/votca-csg-1.6.2/src/csg_boltzmann/main.cc
Examining data/votca-csg-1.6.2/src/csg_boltzmann/stdanalysis.cc
Examining data/votca-csg-1.6.2/src/csg_boltzmann/stdanalysis.h
Examining data/votca-csg-1.6.2/src/csg_boltzmann/tabulatedpotential.cc
Examining data/votca-csg-1.6.2/src/csg_boltzmann/tabulatedpotential.h
Examining data/votca-csg-1.6.2/src/libcsg/beadlist.cc
Examining data/votca-csg-1.6.2/src/libcsg/beadmotif.cc
Examining data/votca-csg-1.6.2/src/libcsg/beadmotifalgorithms.cc
Examining data/votca-csg-1.6.2/src/libcsg/beadmotifconnector.cc
Examining data/votca-csg-1.6.2/src/libcsg/beadstructurealgorithms.cc
Examining data/votca-csg-1.6.2/src/libcsg/boundarycondition.cc
Examining data/votca-csg-1.6.2/src/libcsg/cgengine.cc
Examining data/votca-csg-1.6.2/src/libcsg/cgmoleculedef.cc
Examining data/votca-csg-1.6.2/src/libcsg/csgapplication.cc
Examining data/votca-csg-1.6.2/src/libcsg/exclusionlist.cc
Examining data/votca-csg-1.6.2/src/libcsg/imcio.cc
Examining data/votca-csg-1.6.2/src/libcsg/map.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytopologyreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytopologyreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectoryreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectoryreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectorywriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectorywriter.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtopologyreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtopologyreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtrajectoryreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtrajectoryreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtrajectorywriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/gmxtrajectorywriter.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/groreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/groreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/h5mdtrajectoryreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/h5mdtrajectoryreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdatareader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdatareader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpwriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpwriter.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/pdbreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/pdbreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/pdbwriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/xmltopologyreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/xmltopologyreader.h
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/xyzreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/modules/io/xyzwriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/molecule.cc
Examining data/votca-csg-1.6.2/src/libcsg/nblist.cc
Examining data/votca-csg-1.6.2/src/libcsg/nblist_3body.cc
Examining data/votca-csg-1.6.2/src/libcsg/nblistgrid.cc
Examining data/votca-csg-1.6.2/src/libcsg/nblistgrid_3body.cc
Examining data/votca-csg-1.6.2/src/libcsg/nematicorder.cc
Examining data/votca-csg-1.6.2/src/libcsg/openbox.cc
Examining data/votca-csg-1.6.2/src/libcsg/orthorhombicbox.cc
Examining data/votca-csg-1.6.2/src/libcsg/potentialfunctions/potentialfunction.cc
Examining data/votca-csg-1.6.2/src/libcsg/potentialfunctions/potentialfunctioncbspl.cc
Examining data/votca-csg-1.6.2/src/libcsg/potentialfunctions/potentialfunctionlj126.cc
Examining data/votca-csg-1.6.2/src/libcsg/potentialfunctions/potentialfunctionljg.cc
Examining data/votca-csg-1.6.2/src/libcsg/topology.cc
Examining data/votca-csg-1.6.2/src/libcsg/topologymap.cc
Examining data/votca-csg-1.6.2/src/libcsg/topologyreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/trajectoryreader.cc
Examining data/votca-csg-1.6.2/src/libcsg/trajectorywriter.cc
Examining data/votca-csg-1.6.2/src/libcsg/triclinicbox.cc
Examining data/votca-csg-1.6.2/src/libcsg/version.cc
Examining data/votca-csg-1.6.2/src/tests/test_basebead.cc
Examining data/votca-csg-1.6.2/src/tests/test_bead.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadmotif_algorithms.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadmotif_base.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadmotif_connector.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadstructure_algorithms.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadstructure_base.cc
Examining data/votca-csg-1.6.2/src/tests/test_beadtriple.cc
Examining data/votca-csg-1.6.2/src/tests/test_bondedstatistics.cc
Examining data/votca-csg-1.6.2/src/tests/test_csg_topology.cc
Examining data/votca-csg-1.6.2/src/tests/test_interaction.cc
Examining data/votca-csg-1.6.2/src/tests/test_lammpsdatareader.cc
Examining data/votca-csg-1.6.2/src/tests/test_lammpsdumpreaderwriter.cc
Examining data/votca-csg-1.6.2/src/tests/test_nblist_3body.cc
Examining data/votca-csg-1.6.2/src/tests/test_nblistgrid_3body.cc
Examining data/votca-csg-1.6.2/src/tests/test_pdbreader.cc
Examining data/votca-csg-1.6.2/src/tests/test_tabulatedpotential.cc
Examining data/votca-csg-1.6.2/src/tests/test_triplelist.cc
Examining data/votca-csg-1.6.2/src/tools/csg_density.cc
Examining data/votca-csg-1.6.2/src/tools/csg_dlptopol.cc
Examining data/votca-csg-1.6.2/src/tools/csg_dump.cc
Examining data/votca-csg-1.6.2/src/tools/csg_fmatch.cc
Examining data/votca-csg-1.6.2/src/tools/csg_fmatch.h
Examining data/votca-csg-1.6.2/src/tools/csg_gmxtopol.cc
Examining data/votca-csg-1.6.2/src/tools/csg_imc_solve.cc
Examining data/votca-csg-1.6.2/src/tools/csg_imc_solve.h
Examining data/votca-csg-1.6.2/src/tools/csg_map.cc
Examining data/votca-csg-1.6.2/src/tools/csg_property.cc
Examining data/votca-csg-1.6.2/src/tools/csg_resample.cc
Examining data/votca-csg-1.6.2/src/tools/csg_reupdate.cc
Examining data/votca-csg-1.6.2/src/tools/csg_reupdate.h
Examining data/votca-csg-1.6.2/src/tools/csg_stat.cc
Examining data/votca-csg-1.6.2/src/tools/csg_stat_imc.cc
Examining data/votca-csg-1.6.2/src/tools/csg_stat_imc.h

FINAL RESULTS:

data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:69:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(_out, format, r.x(), r.y(), r.z(), vv.x(), vv.y(), vv.z());
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:71:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(_out, format, r.x(), r.y(), r.z());
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:91:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(_out, format, box(0, 0), box(1, 1), box(2, 2), box(1, 0), box(2, 0),
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:95:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(_out, format, box(0, 0), box(1, 1), box(2, 2));
data/votca-csg-1.6.2/src/csg_boltzmann/main.cc:92:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fl.open(OptionsMap()["excl"].as<string>());
data/votca-csg-1.6.2/src/csg_boltzmann/stdanalysis.cc:101:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(args[0]);
data/votca-csg-1.6.2/src/csg_boltzmann/stdanalysis.cc:120:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(args[0]);
data/votca-csg-1.6.2/src/csg_boltzmann/stdanalysis.cc:139:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(args[0]);
data/votca-csg-1.6.2/src/csg_boltzmann/tabulatedpotential.cc:207:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(args[0]);
data/votca-csg-1.6.2/src/csg_boltzmann/tabulatedpotential.cc:237:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out.open(args[0]);
data/votca-csg-1.6.2/src/libcsg/imcio.cc:39:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out_dS.open(file);
data/votca-csg-1.6.2/src/libcsg/imcio.cc:62:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out_A.open(file);
data/votca-csg-1.6.2/src/libcsg/imcio.cc:93:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  out_idx.open(file);
data/votca-csg-1.6.2/src/libcsg/imcio.cc:108:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  intt.open(filename);
data/votca-csg-1.6.2/src/libcsg/imcio.cc:143:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  in.open(filename);
data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytopologyreader.cc:163:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fl.open(_fname);
data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectoryreader.cc:71:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(_fname);
data/votca-csg-1.6.2/src/libcsg/modules/io/dlpolytrajectorywriter.cc:70:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(_fname);
data/votca-csg-1.6.2/src/libcsg/modules/io/groreader.cc:34:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/groreader.cc:47:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:28:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _out = fopen(file.c_str(), bAppend ? "at" : "wt");
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:34:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char format[100];
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:50:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(format,
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:54:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(format, "%%%ld.%ldf%%%ld.%ldf%%%ld.%ldf\n", l, pr, l, pr, l, pr);
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:87:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(format,
data/votca-csg-1.6.2/src/libcsg/modules/io/growriter.cc:94:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(format, "%%%ld.%ldf%%%ld.%ldf%%%ld.%ldf\n", l, pr, l, pr, l, pr);
data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdatareader.cc:72:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fl_.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdatareader.cc:90:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fl_.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpreader.cc:35:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpreader.cc:49:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/lammpsdumpwriter.cc:30:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _out = fopen(file.c_str(), bAppend ? "at" : "wt");
data/votca-csg-1.6.2/src/libcsg/modules/io/pdbreader.cc:36:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/pdbreader.cc:49:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/pdbwriter.cc:30:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    _out.open(file, std::ios_base::app);
data/votca-csg-1.6.2/src/libcsg/modules/io/pdbwriter.cc:32:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    _out.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/xyzreader.cc:30:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/xyzreader.cc:46:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  _fl.open(file);
data/votca-csg-1.6.2/src/libcsg/modules/io/xyzwriter.cc:26:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    _out.open(file, std::ios_base::app);
data/votca-csg-1.6.2/src/libcsg/modules/io/xyzwriter.cc:28:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    _out.open(file);
data/votca-csg-1.6.2/src/tests/test_tabulatedpotential.cc:36:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  file.open(file_name);
data/votca-csg-1.6.2/src/tools/csg_dlptopol.cc:186:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fl.open(fname);
data/votca-csg-1.6.2/src/tools/csg_gmxtopol.cc:64:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fl.open((OptionsMap()["out"].as<string>() + ".top"));
data/votca-csg-1.6.2/src/tools/csg_stat_imc.cc:785:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    out_dS.open(name_dS);
data/votca-csg-1.6.2/src/tools/csg_stat_imc.cc:801:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    out_cor.open(name_cor);

ANALYSIS SUMMARY:

Hits = 44
Lines analyzed = 26400 in approximately 0.78 seconds (33981 lines/second)
Physical Source Lines of Code (SLOC) = 17367
Hits@level = [0]  16 [1]   0 [2]  40 [3]   0 [4]   4 [5]   0
Hits@level+ = [0+]  60 [1+]  44 [2+]  44 [3+]   4 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 3.45483 [1+] 2.53354 [2+] 2.53354 [3+] 0.230322 [4+] 0.230322 [5+]   0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.