Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-matrixstats-0.57.0/src/rowSums2_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/signTabulate.c
Examining data/r-cran-matrixstats-0.57.0/src/rowMads_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/diff2.c
Examining data/r-cran-matrixstats-0.57.0/src/validateIndices.c
Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2.c
Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCummaxs_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/diff2_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/sum2.c
Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y.c
Examining data/r-cran-matrixstats-0.57.0/src/logSumExp_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/colRanges_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies.c
Examining data/r-cran-matrixstats-0.57.0/src/validateIndices_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCummins_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/colCounts_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/colRanges.c
Examining data/r-cran-matrixstats-0.57.0/src/rowRanges_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats.c
Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/000.templates-types.h
Examining data/r-cran-matrixstats-0.57.0/src/logSumExp.c
Examining data/r-cran-matrixstats-0.57.0/src/sum2_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/binCounts_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowVars_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-matrix-vector.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCounts.c
Examining data/r-cran-matrixstats-0.57.0/src/rowSums2.c
Examining data/r-cran-matrixstats-0.57.0/src/mean2_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-vector.h
Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/mean2.c
Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMedians_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/diff2_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/000.templates-types_undef.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCummins.c
Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog.c
Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowVars_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowVars.c
Examining data/r-cran-matrixstats-0.57.0/src/rowCummaxs.c
Examining data/r-cran-matrixstats-0.57.0/src/signTabulate_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/indexByRow.c
Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/binCounts.c
Examining data/r-cran-matrixstats-0.57.0/src/binMeans.c
Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCounts_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/anyMissing_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowSums2_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/binCounts_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMads_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/mean2_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/000.utils.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCounts_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMedians_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/psortKM.c
Examining data/r-cran-matrixstats-0.57.0/src/sum2_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/colCounts.c
Examining data/r-cran-matrixstats-0.57.0/src/logSumExp_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods.c
Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs.c
Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/binMeans_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/allocMatrix2.c
Examining data/r-cran-matrixstats-0.57.0/src/rowMads.c
Examining data/r-cran-matrixstats-0.57.0/src/000.init.c
Examining data/r-cran-matrixstats-0.57.0/src/weightedMean.c
Examining data/r-cran-matrixstats-0.57.0/src/000.types.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumMinMaxs_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMedians.c
Examining data/r-cran-matrixstats-0.57.0/src/weightedMean_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowRanges_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/colCounts_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums.c
Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian.c
Examining data/r-cran-matrixstats-0.57.0/src/000.macros.h
Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats.c
Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp.c
Examining data/r-cran-matrixstats-0.57.0/src/rowRanges.c
Examining data/r-cran-matrixstats-0.57.0/src/anyMissing_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-matrix.h
Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/anyMissing.c
Examining data/r-cran-matrixstats-0.57.0/src/binMeans_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/000.api.h
Examining data/r-cran-matrixstats-0.57.0/src/weightedMean_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/colRanges_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/signTabulate_lowlevel.h
Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs_lowlevel_template.h
Examining data/r-cran-matrixstats-0.57.0/src/validateIndices_lowlevel_template.h
FINAL RESULTS:
data/r-cran-matrixstats-0.57.0/src/validateIndices.c:206:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(INTEGER(ans), cidxs, ansNidxs*sizeof(int));
data/r-cran-matrixstats-0.57.0/src/validateIndices.c:214:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(REAL(ans), cidxs, ansNidxs*sizeof(double));
ANALYSIS SUMMARY:
Hits = 2
Lines analyzed = 10147 in approximately 0.45 seconds (22644 lines/second)
Physical Source Lines of Code (SLOC) = 5812
Hits@level = [0] 0 [1] 0 [2] 2 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 2 [1+] 2 [2+] 2 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 0.344116 [1+] 0.344116 [2+] 0.344116 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.