Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/waili-19990723/lib/LChannel.C
Examining data/waili-19990723/lib/Wavelet_CDF_1_x.C
Examining data/waili-19990723/lib/myLifting.C
Examining data/waili-19990723/lib/LChannelR.C
Examining data/waili-19990723/lib/Image.C
Examining data/waili-19990723/lib/Color.C
Examining data/waili-19990723/lib/Channel.C
Examining data/waili-19990723/lib/Wavelet_bin.C
Examining data/waili-19990723/lib/Storage.C
Examining data/waili-19990723/lib/Wavelet_CDF_2_x.C
Examining data/waili-19990723/lib/LChannelCR.C
Examining data/waili-19990723/lib/Wavelet_CDF_4_x.C
Examining data/waili-19990723/lib/Wavelet_JPEG2000.C
Examining data/waili-19990723/lib/Wavelet.C
Examining data/waili-19990723/lib/NTChannel.C
Examining data/waili-19990723/lib/LChannelC.C
Examining data/waili-19990723/lib/Wavelet_gain.C
Examining data/waili-19990723/lib/Timer.C
Examining data/waili-19990723/lib/Lifting.C
Examining data/waili-19990723/lib/Util.C
Examining data/waili-19990723/include/waili/Color.h
Examining data/waili-19990723/include/waili/Compiler.h
Examining data/waili-19990723/include/waili/Lifting.inline.h
Examining data/waili-19990723/include/waili/Timer.h
Examining data/waili-19990723/include/waili/Lifting.h
Examining data/waili-19990723/include/waili/Wavelet.h
Examining data/waili-19990723/include/waili/Blit.h
Examining data/waili-19990723/include/waili/Storage.h
Examining data/waili-19990723/include/waili/Wavelet_gain.h
Examining data/waili-19990723/include/waili/Channel.h
Examining data/waili-19990723/include/waili/NTChannel.h
Examining data/waili-19990723/include/waili/Util.h
Examining data/waili-19990723/include/waili/Wavelet_bin.h
Examining data/waili-19990723/include/waili/Image.h
Examining data/waili-19990723/include/waili/LChannel.h
Examining data/waili-19990723/include/waili/LChannelCR.h
Examining data/waili-19990723/include/waili/LChannelC.h
Examining data/waili-19990723/include/waili/LChannelR.h
Examining data/waili-19990723/include/waili/Types.h
Examining data/waili-19990723/include/waili/gtk.h
Examining data/waili-19990723/test/Histogram.C
Examining data/waili-19990723/test/Proof.C
Examining data/waili-19990723/test/Example.C
Examining data/waili-19990723/test/Test.C
Examining data/waili-19990723/test/Rangecheck.C
Examining data/waili-19990723/test/Demo.C

FINAL RESULTS:

data/waili-19990723/include/waili/Storage.h:94:26:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__ ((format (printf, 2, 3)))
data/waili-19990723/include/waili/Util.h:39:35:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  __attribute__ ((noreturn, format (printf, 1, 2)))
data/waili-19990723/lib/Storage.C:75:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "zcat %s", name);
data/waili-19990723/lib/Storage.C:79:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "gzip > %s", name);
data/waili-19990723/lib/Storage.C:83:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "gzip >> %s", name);
data/waili-19990723/lib/Storage.C:87:15:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (!(File = popen(cmd, pmode)))
data/waili-19990723/lib/Storage.C:98:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Name, name);
data/waili-19990723/lib/Storage.C:100:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(Mode, mode);
data/waili-19990723/lib/Storage.C:147:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(File, fmt, args);
data/waili-19990723/lib/Timer.C:38:68:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  static inline void CurrentTime(time_t &real, time_t &user, time_t &system)
data/waili-19990723/lib/Timer.C:52:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:55:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Timer.C:68:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:71:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Timer.C:95:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:98:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Timer.C:111:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:114:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Timer.C:127:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:130:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Timer.C:135:17:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  return((f32)system/CLOCKS_PER_SEC);
data/waili-19990723/lib/Timer.C:144:24:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  time_t real, user, system;
data/waili-19990723/lib/Timer.C:147:26:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  CurrentTime(real, user, system);
data/waili-19990723/lib/Util.C:44:28:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  if(strlen(ERRSTR)<511) vsnprintf(ERRSTR+strlen(ERRSTR), 512-strlen(ERRSTR), fmt, args);
data/waili-19990723/test/Demo.C:320:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(File, argv[0]);
data/waili-19990723/test/Demo.C:360:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(File, argv[0]);
data/waili-19990723/test/Demo.C:413:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(File, argv[0]);
data/waili-19990723/test/Demo.C:431:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(File, argv[0]);
data/waili-19990723/test/Demo.C:455:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(command, "if which xv >/dev/null ; then xv %s & else display %s & fi", filename,filename);
data/waili-19990723/test/Demo.C:456:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);
data/waili-19990723/test/Demo.C:789:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(command, "xterm -iconic -ut -T gnuplot -e gnuplot -name \"Level "
data/waili-19990723/test/Demo.C:792:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);
data/waili-19990723/test/Histogram.C:60:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(epsfile, "%s_%02d_%02d_%1d.eps", Prefix, channel, level, subband);
data/waili-19990723/test/Histogram.C:89:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(command, "gnuplot %s", plotscript);
data/waili-19990723/test/Histogram.C:90:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(command);
data/waili-19990723/test/Demo.C:567:15:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  x = (double)random()/INT_MAX;
data/waili-19990723/test/Demo.C:589:6:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srandom(seed);
data/waili-19990723/lib/Image.C:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/waili-19990723/lib/Storage.C:93:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(File = fopen(name, mode)))
data/waili-19990723/lib/Util.C:35:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ERRSTR[512];
data/waili-19990723/test/Demo.C:39:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char CommandLine[MAX_CMD_LINE];
data/waili-19990723/test/Demo.C:61:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(filename, "/var/tmp/Demo.%05d.%05d", getpid(), cnt++);
data/waili-19990723/test/Demo.C:63:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char **list = new const char *[DeleteListLen];
data/waili-19990723/test/Demo.C:337:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int w = atoi(argv[0]);
data/waili-19990723/test/Demo.C:338:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int h = atoi(argv[1]);
data/waili-19990723/test/Demo.C:339:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int ch = atoi(argv[2]);
data/waili-19990723/test/Demo.C:449:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[512];
data/waili-19990723/test/Demo.C:466:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int np = atoi(argv[0]);
data/waili-19990723/test/Demo.C:467:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int nd = atoi(argv[1]);
data/waili-19990723/test/Demo.C:471:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int n = atoi(argv[0]);
data/waili-19990723/test/Demo.C:714:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int level = atoi(argv[0]);
data/waili-19990723/test/Demo.C:722:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  u_int subband = atoi(argv[0]);
data/waili-19990723/test/Demo.C:732:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ch = atoi(argv[0]);
data/waili-19990723/test/Demo.C:788:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[160];
data/waili-19990723/test/Histogram.C:67:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(plotdata, "/tmp/tmp.%05d.data", getpid());
data/waili-19990723/test/Histogram.C:78:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(plotscript, "/tmp/tmp.%05d.script", getpid());
data/waili-19990723/test/Histogram.C:116:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  np = atoi(argv[1]);
data/waili-19990723/test/Histogram.C:123:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nd = atoi(argv[1]);
data/waili-19990723/test/Histogram.C:130:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxlevels = atoi(argv[1]);
data/waili-19990723/test/Proof.C:99:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  np = atoi(argv[1]);
data/waili-19990723/test/Proof.C:106:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nd = atoi(argv[1]);
data/waili-19990723/test/Proof.C:113:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  levels = atoi(argv[1]);
data/waili-19990723/test/Rangecheck.C:174:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  np = atoi(argv[1]);
data/waili-19990723/test/Rangecheck.C:181:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nd = atoi(argv[1]);
data/waili-19990723/test/Rangecheck.C:188:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numlevels = atoi(argv[1]);
data/waili-19990723/test/Rangecheck.C:195:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  minval = atoi(argv[1]);
data/waili-19990723/test/Rangecheck.C:202:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxval = atoi(argv[1]);
data/waili-19990723/test/Test.C:91:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  np = atoi(argv[1]);
data/waili-19990723/test/Test.C:98:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nd = atoi(argv[1]);
data/waili-19990723/test/Test.C:105:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxlevels = atoi(argv[1]);
data/waili-19990723/include/waili/Storage.h:291:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  RawWrite(s, strlen(s));
data/waili-19990723/lib/Storage.C:66:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  u_int nlen = strlen(name);
data/waili-19990723/lib/Storage.C:99:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Mode = new char[strlen(mode)+1];
data/waili-19990723/lib/Util.C:44:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ERRSTR)<511) vsnprintf(ERRSTR+strlen(ERRSTR), 512-strlen(ERRSTR), fmt, args);
data/waili-19990723/lib/Util.C:44:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ERRSTR)<511) vsnprintf(ERRSTR+strlen(ERRSTR), 512-strlen(ERRSTR), fmt, args);
data/waili-19990723/lib/Util.C:44:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ERRSTR)<511) vsnprintf(ERRSTR+strlen(ERRSTR), 512-strlen(ERRSTR), fmt, args);
data/waili-19990723/test/Demo.C:89:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  u_int last = strlen(CommandLine)-1;
data/waili-19990723/test/Demo.C:319:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  File = new char[strlen(argv[0])+1];
data/waili-19990723/test/Demo.C:359:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  File = new char[strlen(argv[0])+1];
data/waili-19990723/test/Demo.C:412:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  File = new char[strlen(argv[0])+1];
data/waili-19990723/test/Demo.C:430:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  File = new char[strlen(argv[0])+1];
data/waili-19990723/test/Demo.C:923:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int l=strlen(line);
data/waili-19990723/test/Histogram.C:59:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *epsfile = new char[strlen(Prefix)+sizeof("_xx_xx_x.eps")];
data/waili-19990723/test/Histogram.C:88:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *command = new char[strlen(plotscript)+sizeof("gnuplot ")];

ANALYSIS SUMMARY:

Hits = 84
Lines analyzed = 13941 in approximately 0.30 seconds (45960 lines/second)
Physical Source Lines of Code (SLOC) = 10237
Hits@level = [0]  35 [1]  14 [2]  33 [3]   2 [4]  35 [5]   0
Hits@level+ = [0+] 119 [1+]  84 [2+]  70 [3+]  37 [4+]  35 [5+]   0
Hits/KSLOC@level+ = [0+] 11.6245 [1+] 8.20553 [2+] 6.83794 [3+] 3.61434 [4+] 3.41897 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.