stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-openssl-1.4.3+dfsg/tools/version.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/compatibility.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/error.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/keygen.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/password.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/base64.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/write.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/signing.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/aes.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/pbkdf.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/hash.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/info.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/cert.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/diffie.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/pkcs7.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/bcrypt/blf.h
Examining data/r-cran-openssl-1.4.3+dfsg/src/bcrypt/blowfish.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/bcrypt/bcrypt_pbkdf.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/onload.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/win32/ipv6.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/utils.h
Examining data/r-cran-openssl-1.4.3+dfsg/src/tests/main.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/tests/soname.h
Examining data/r-cran-openssl-1.4.3+dfsg/src/openssh.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/stream.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/envelope.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/rand.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/keys.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/bignum.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/x25519.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/ssl.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/compatibility.h
Examining data/r-cran-openssl-1.4.3+dfsg/src/rsa.c
Examining data/r-cran-openssl-1.4.3+dfsg/src/pem.c

FINAL RESULTS:

data/r-cran-openssl-1.4.3+dfsg/src/aes.c:62:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), buf, total);
data/r-cran-openssl-1.4.3+dfsg/src/base64.c:48:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), bin, bin_len);
data/r-cran-openssl-1.4.3+dfsg/src/bcrypt/bcrypt_pbkdf.c:113:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(countsalt, salt, saltlen);
data/r-cran-openssl-1.4.3+dfsg/src/cert.c:18:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/cert.c:56:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(VECTOR_ELT(out, 3)), signature->data, signature->length);
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:20:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[keysize];
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:21:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char *ek[1];
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:28:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char iv[ivlen];
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:48:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(VECTOR_ELT(res, 0)), iv, ivlen);
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:49:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(VECTOR_ELT(res, 1)), ek[0], ekl[0]);
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:50:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(VECTOR_ELT(res, 2)), out, len1 + len2);
data/r-cran-openssl-1.4.3+dfsg/src/envelope.c:93:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), out,  len1 + len2);
data/r-cran-openssl-1.4.3+dfsg/src/hash.c:34:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char md_value[EVP_MAX_MD_SIZE];
data/r-cran-openssl-1.4.3+dfsg/src/hash.c:39:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), md_value, md_len);
data/r-cran-openssl-1.4.3+dfsg/src/hash.c:61:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char md_value[EVP_MAX_MD_SIZE];
data/r-cran-openssl-1.4.3+dfsg/src/hash.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mdString[2*md_len+1];
data/r-cran-openssl-1.4.3+dfsg/src/hash.c:67:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(&mdString[i*2], "%02x", (unsigned int) md_value[i]);
data/r-cran-openssl-1.4.3+dfsg/src/keygen.c:30:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keygen.c:44:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keygen.c:64:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keygen.c:85:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keygen.c:106:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keys.c:18:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keys.c:33:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keys.c:47:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keys.c:63:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/keys.c:81:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:49:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:65:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:114:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:128:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:215:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/openssh.c:237:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:29:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(RAW(VECTOR_ELT(res, 2)), data, (int) len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:49:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:64:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:77:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:92:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pem.c:107:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:59:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char passwd[max_size];
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:95:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(RAW(VECTOR_ELT(res, 0)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:104:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(RAW(VECTOR_ELT(res, 1)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:116:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(RAW(VECTOR_ELT(bundle, i)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs7.c:20:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs7.c:42:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs7.c:82:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(RAW(VECTOR_ELT(bundle, i)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs7.c:98:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(RAW(VECTOR_ELT(bundle, i)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/rand.c:11:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[length];
data/r-cran-openssl-1.4.3+dfsg/src/rand.c:14:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), buf, length);
data/r-cran-openssl-1.4.3+dfsg/src/rsa.c:18:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/rsa.c:33:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/signing.c:56:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), sig, siglen);
data/r-cran-openssl-1.4.3+dfsg/src/signing.c:104:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, siglen);
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:48:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[1000], *p;
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:103:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ip[INET6_ADDRSTRLEN];
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:184:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(RAW(VECTOR_ELT(res, i)), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/stream.c:42:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char md_value[EVP_MAX_MD_SIZE];
data/r-cran-openssl-1.4.3+dfsg/src/stream.c:48:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), md_value, md_len);
data/r-cran-openssl-1.4.3+dfsg/src/stream.c:95:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char md_value[EVP_MAX_MD_SIZE];
data/r-cran-openssl-1.4.3+dfsg/src/stream.c:101:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(out), md_value, md_len);
data/r-cran-openssl-1.4.3+dfsg/src/win32/ipv6.c:17:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char src_copy[INET6_ADDRSTRLEN+1];
data/r-cran-openssl-1.4.3+dfsg/src/write.c:20:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/write.c:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/write.c:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/write.c:93:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/write.c:107:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[bufsize];
data/r-cran-openssl-1.4.3+dfsg/src/x25519.c:22:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/x25519.c:38:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(RAW(res), buf, len);
data/r-cran-openssl-1.4.3+dfsg/src/bcrypt/blowfish.c:672:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	blf_key(&c, (u_int8_t *) key2, strlen(key2));
data/r-cran-openssl-1.4.3+dfsg/src/password.c:18:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, CHAR(STRING_ELT(cb, 0)), max_size);
data/r-cran-openssl-1.4.3+dfsg/src/password.c:20:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(buf);
data/r-cran-openssl-1.4.3+dfsg/src/password.c:33:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, CHAR(STRING_ELT(res, 0)), max_size);
data/r-cran-openssl-1.4.3+dfsg/src/password.c:36:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(buf);
data/r-cran-openssl-1.4.3+dfsg/src/pkcs12.c:79:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!PKCS12_verify_mac(p12, passwd, strlen(passwd)))
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:53:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf+strlen(buf) -1;
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:55:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf+strlen(buf) -1;
data/r-cran-openssl-1.4.3+dfsg/src/ssl.c:57:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p = buf+strlen(buf) -1;
data/r-cran-openssl-1.4.3+dfsg/src/win32/ipv6.c:21:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (src_copy, src, INET6_ADDRSTRLEN+1);

ANALYSIS SUMMARY:

Hits = 79
Lines analyzed = 3636 in approximately 0.12 seconds (30925 lines/second)
Physical Source Lines of Code (SLOC) = 3021
Hits@level = [0]   3 [1]  10 [2]  69 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  82 [1+]  79 [2+]  69 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 27.1433 [1+] 26.1503 [2+] 22.8401 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.