Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-isospecr-2.1.3/src/isoMath.h
Examining data/r-cran-isospecr-2.1.3/src/mman.h
Examining data/r-cran-isospecr-2.1.3/src/platform_incl.h
Examining data/r-cran-isospecr-2.1.3/src/mman.cpp
Examining data/r-cran-isospecr-2.1.3/src/misc.cpp
Examining data/r-cran-isospecr-2.1.3/src/marginalTrek++.h
Examining data/r-cran-isospecr-2.1.3/src/allocator.cpp
Examining data/r-cran-isospecr-2.1.3/src/operators.cpp
Examining data/r-cran-isospecr-2.1.3/src/operators.h
Examining data/r-cran-isospecr-2.1.3/src/dirtyAllocator.h
Examining data/r-cran-isospecr-2.1.3/src/element_tables.h
Examining data/r-cran-isospecr-2.1.3/src/platform.h
Examining data/r-cran-isospecr-2.1.3/src/isoMath.cpp
Examining data/r-cran-isospecr-2.1.3/src/dirtyAllocator.cpp
Examining data/r-cran-isospecr-2.1.3/src/isoSpec++.h
Examining data/r-cran-isospecr-2.1.3/src/fasta.cpp
Examining data/r-cran-isospecr-2.1.3/src/isoSpec++.cpp
Examining data/r-cran-isospecr-2.1.3/src/pod_vector.h
Examining data/r-cran-isospecr-2.1.3/src/misc.h
Examining data/r-cran-isospecr-2.1.3/src/Rinterface.cpp
Examining data/r-cran-isospecr-2.1.3/src/summator.h
Examining data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp
Examining data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.h
Examining data/r-cran-isospecr-2.1.3/src/unity-build.cpp
Examining data/r-cran-isospecr-2.1.3/src/cwrapper.cpp
Examining data/r-cran-isospecr-2.1.3/src/marginalTrek++.cpp
Examining data/r-cran-isospecr-2.1.3/src/fasta.h
Examining data/r-cran-isospecr-2.1.3/src/allocator.h
Examining data/r-cran-isospecr-2.1.3/src/RcppExports.cpp
Examining data/r-cran-isospecr-2.1.3/src/btrd.h
Examining data/r-cran-isospecr-2.1.3/src/cwrapper.h
Examining data/r-cran-isospecr-2.1.3/src/IsoSpecR_init.c
Examining data/r-cran-isospecr-2.1.3/src/conf.h
Examining data/r-cran-isospecr-2.1.3/src/element_tables.cpp

FINAL RESULTS:

data/r-cran-isospecr-2.1.3/src/allocator.h:30:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(destination, source, dim*sizeof(T));
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:75:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nprobs, _probs, sizeof(double) * _confs_no);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:76:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nmasses, _masses, sizeof(double) * _confs_no);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:78:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nprobs+_confs_no, other._probs, sizeof(double) * other._confs_no);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:79:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nmasses+_confs_no, other._masses, sizeof(double) * other._confs_no);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:139:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(order_c, order, sizeof(size_t)*size);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:178:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(swapspace, &_confs[ii*allDim], allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:179:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&_confs[ii*allDim], &_confs[inverse[ii]*allDim], allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:180:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&_confs[inverse[ii]*allDim], swapspace, allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.cpp:243:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(newmasses + cntr, spectra[ii]->_masses, sizeof(double) * spectra[ii]->_confs_no);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.h:149:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(conf_swapspace, c1, this->allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.h:150:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(c1, c2, this->allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/fixedEnvelopes.h:151:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(c2, conf_swapspace, this->allDimSizeofInt);
data/r-cran-isospecr-2.1.3/src/isoSpec++.cpp:899:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(acceptedCandidateIsoCounts, topConfIsoCounts, confSize);
data/r-cran-isospecr-2.1.3/src/isoSpec++.h:271:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(space, marginalResults[ii]->confs()[c[ii]], isotopeNumbers[ii]*sizeof(int));
data/r-cran-isospecr-2.1.3/src/isoSpec++.h:323:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(space, marginalResultsUnsorted[ii]->get_conf(counter[jj]), isotopeNumbers[ii]*sizeof(int));
data/r-cran-isospecr-2.1.3/src/isoSpec++.h:331:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(space, marginalResultsUnsorted[ii]->get_conf(counter[ii]), isotopeNumbers[ii]*sizeof(int));
data/r-cran-isospecr-2.1.3/src/isoSpec++.h:469:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(space, marginalResultsUnsorted[ii]->get_conf(counter[jj]), isotopeNumbers[ii]*sizeof(int));
data/r-cran-isospecr-2.1.3/src/isoSpec++.h:477:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(space, marginalResultsUnsorted[ii]->get_conf(counter[ii]), isotopeNumbers[ii]*sizeof(int));
data/r-cran-isospecr-2.1.3/src/misc.h:122:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ret, A, size*sizeof(T));
data/r-cran-isospecr-2.1.3/src/misc.h:145:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(newT, *array, old_array_size*sizeof(T));
data/r-cran-isospecr-2.1.3/src/pod_vector.h:219:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(this, *other, sizeof(*this));
data/r-cran-isospecr-2.1.3/src/isoSpec++.cpp:358:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t slen = strlen(formula);
data/r-cran-isospecr-2.1.3/src/isoSpec++.cpp:397:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(elem_table_symbol[j]) == elements[i].second) && (strncmp(elements[i].first, elem_table_symbol[j], elements[i].second) == 0))
data/r-cran-isospecr-2.1.3/src/misc.h:87:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(prefix) > 0)
data/r-cran-isospecr-2.1.3/src/misc.h:101:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(prefix) > 0)

ANALYSIS SUMMARY:

Hits = 26
Lines analyzed = 9928 in approximately 0.25 seconds (39628 lines/second)
Physical Source Lines of Code (SLOC) = 7720
Hits@level = [0] 0 [1] 4 [2] 22 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 26 [1+] 26 [2+] 22 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 3.36788 [1+] 3.36788 [2+] 2.84974 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.