Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-rcppannoy-0.0.17/src/arch.cpp
Examining data/r-cran-rcppannoy-0.0.17/src/init.c
Examining data/r-cran-rcppannoy-0.0.17/src/annoy.cpp
Examining data/r-cran-rcppannoy-0.0.17/src/RcppExports.cpp
Examining data/r-cran-rcppannoy-0.0.17/inst/include/mman.h
Examining data/r-cran-rcppannoy-0.0.17/inst/include/kissrandom.h
Examining data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h
Examining data/r-cran-rcppannoy-0.0.17/inst/include/RcppAnnoy.h

FINAL RESULTS:

data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:79:29:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  #define showUpdate(...) { fprintf(stderr, __VA_ARGS__ ); }
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:98:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(*error, "%s: %s (%d)", msg, strerror(errno), errno);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:106:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(*error, msg);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:365:66:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  inline void two_means(const vector<Node*>& nodes, int f, Random& random, bool cosine, Node* p, Node* q) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:375:14:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  size_t i = random.index(count);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:376:14:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  size_t j = random.index(count-1);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:388:16:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  size_t k = random.index(count);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:478:75:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline bool side(const Node<S, T>* n, const T* y, int f, Random& random) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:483:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  return (bool)random.flip();
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:486:94:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline void create_split(const vector<Node<S, T>*>& nodes, int f, size_t s, Random& random, Node<S, T>* n) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:489:58:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  two_means<T, Random, Angular, Node<S, T> >(nodes, f, random, true, p, q);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:557:94:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline void create_split(const vector<Node<S, T>*>& nodes, int f, size_t s, Random& random, Node<S, T>* n) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:562:61:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  two_means<T, Random, DotProduct, Node<S, T> >(nodes, f, random, true, p, q);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:585:75:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline bool side(const Node<S, T>* n, const T* y, int f, Random& random) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:590:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  return (bool)random.flip();
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:677:75:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline bool side(const Node<S, T>* n, const T* y, int f, Random& random) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:681:94:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline void create_split(const vector<Node<S, T>*>& nodes, int f, size_t s, Random& random, Node<S, T>* n) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:687:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  n->v[0] = random.index(dim);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:741:75:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline bool side(const Node<S, T>* n, const T* y, int f, Random& random) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:746:20:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  return (bool)random.flip();
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:767:94:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline void create_split(const vector<Node<S, T>*>& nodes, int f, size_t s, Random& random, Node<S, T>* n) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:770:60:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  two_means<T, Random, Euclidean, Node<S, T> >(nodes, f, random, false, p, q);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:798:94:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  static inline void create_split(const vector<Node<S, T>*>& nodes, int f, size_t s, Random& random, Node<S, T>* n) {
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:801:60:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  two_means<T, Random, Manhattan, Node<S, T> >(nodes, f, random, false, p, q);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:424:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->v, source->v, f * sizeof(T));
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:552:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->v, source->v, f * sizeof(T));
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:922:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  _fd = open(file, O_RDWR | O_CREAT | O_TRUNC, (int) 0600);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:962:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(_get(_n_nodes + (S)i), _get(_roots[i]), _s);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1005:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE *f = fopen(filename, "wb");
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1057:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  _fd = open(filename, O_RDONLY, (int)0400);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1138:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(v, m->v, (_f) * sizeof(T));
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1256:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(m->children, &indices[0], indices.size() * sizeof(S));
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1329:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(_get(item), m, _s);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:1338:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(v_node->v, v, sizeof(T) * _f);
data/r-cran-rcppannoy-0.0.17/inst/include/annoylib.h:105:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *error = (char *)malloc(strlen(msg) + 1);

ANALYSIS SUMMARY:

Hits = 35
Lines analyzed = 2211 in approximately 0.08 seconds (27166 lines/second)
Physical Source Lines of Code (SLOC) = 1722
Hits@level = [0]   1 [1]   1 [2]  10 [3]  21 [4]   3 [5]   0
Hits@level+ = [0+]  36 [1+]  35 [2+]  34 [3+]  24 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 20.9059 [1+] 20.3252 [2+] 19.7445 [3+] 13.9373 [4+] 1.74216 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
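Triage note on the hits above, with an added example. The three level-4 hits (annoylib.h:79, :98, :106) and the level-1 strlen hit (:105) all sit in one error-reporting helper that mallocs *error and formats into it; those are the findings worth acting on. The 21 level-3 "random" hits match a parameter named random of type Random& (random.index(), random.flip(), passed through two_means and create_split), not the C library random(3): flawfinder matches on the identifier, and these draws choose tree splits, so the CWE-327 message about keys and nonces does not apply to them. The C below is an added example, not code from RcppAnnoy or annoylib.h: it rebuilds the error path with explicit sizing and routes the fprintf macro through a function the compiler can format-check. The function names (set_error_from_errno, set_error_from_string, show_update) and the sample inputs are assumptions.

```c
/* Added example, not code from RcppAnnoy/annoylib.h. Reworks the error-string
 * pattern behind the hits at annoylib.h:98, :105 and :106 with explicit sizing
 * and wraps the fprintf macro from :79. Function names are assumptions. */
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Replaces sprintf(*error, "%s: %s (%d)", msg, strerror(errno), errno):
 * measure with snprintf(NULL, 0, ...) first, then allocate exactly that much,
 * so the destination can never be smaller than the formatted text (CWE-120).
 * Returns 0 on success, -1 on failure; *error is malloc'd, caller frees. */
int set_error_from_errno(const char *msg, int err, char **error)
{
    if (msg == NULL || error == NULL)
        return -1;
    const char *es = strerror(err);
    int n = snprintf(NULL, 0, "%s: %s (%d)", msg, es, err);
    if (n < 0)
        return -1;
    char *buf = malloc((size_t)n + 1);
    if (buf == NULL)
        return -1;
    snprintf(buf, (size_t)n + 1, "%s: %s (%d)", msg, es, err);
    *error = buf;
    return 0;
}

/* Replaces malloc(strlen(msg) + 1) + strcpy(*error, msg): the caller states how
 * far msg may be read (msg_max), so a buffer without a terminating NUL is
 * copied up to that bound instead of over-read (CWE-126), and the copy uses a
 * length rather than a terminator scan (CWE-120). */
int set_error_from_string(const char *msg, size_t msg_max, char **error)
{
    if (msg == NULL || error == NULL)
        return -1;
    const char *nul = memchr(msg, '\0', msg_max);   /* bounded scan */
    size_t len = nul ? (size_t)(nul - msg) : msg_max;
    char *buf = malloc(len + 1);
    if (buf == NULL)
        return -1;
    memcpy(buf, msg, len);
    buf[len] = '\0';
    *error = buf;
    return 0;
}

/* The fprintf hit at :79 forwards __VA_ARGS__ as the format. That is only a
 * CWE-134 problem if a caller passes a non-literal as the format; routing the
 * macro through a function carrying the printf format attribute lets
 * -Wformat -Wformat-security report such callers at compile time
 * (GCC/Clang extension, ignored elsewhere). */
#if defined(__GNUC__)
__attribute__((format(printf, 1, 2)))
#endif
void show_update(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vfprintf(stderr, fmt, ap);
    va_end(ap);
}
#define showUpdate(...) show_update(__VA_ARGS__)

/* Self-checks: each returns 1 when the hardened routine behaves as intended. */
int demo_errno_message_matches(void)
{
    char expected[256];
    char *e = NULL;
    snprintf(expected, sizeof expected, "%s: %s (%d)",
             "Unable to open", strerror(ENOENT), ENOENT);
    if (set_error_from_errno("Unable to open", ENOENT, &e) != 0)
        return 0;
    int ok = strcmp(e, expected) == 0;
    free(e);
    return ok;
}

int demo_unterminated_string_copied(void)
{
    char raw[4] = { 'a', 'b', 'c', 'd' };   /* constructed input: no NUL at all */
    char *e = NULL;
    if (set_error_from_string(raw, sizeof raw, &e) != 0)
        return 0;
    int ok = strlen(e) == 4 && strcmp(e, "abcd") == 0;
    free(e);
    return ok;
}

int main(void)
{
    int ok = demo_errno_message_matches() && demo_unterminated_string_copied();
    showUpdate("hardened error path %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

Build with -Wall -Wformat -Wformat-security; a call such as showUpdate(user_supplied) then produces a compile-time warning instead of a runtime format-string hole, which is the check the :79 hit is asking for.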
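The three CWE-362 hits (:922, :1005, :1057) are the save and load paths opening a caller-supplied filename with plain open()/fopen(). The C below is an added example, not code from RcppAnnoy, of the check a reviewer would ask for there: open with O_NOFOLLOW and O_CLOEXEC, then fstat the descriptor and reject anything that is not a regular file. Function names, the temp-directory fixture and the /dev/null probe are assumptions; it targets Linux/macOS.

```c
/* Added example, not code from RcppAnnoy/annoylib.h. Hardened versions of the
 * open()/fopen() calls behind the CWE-362 hits at annoylib.h:922, :1005 and
 * :1057: refuse to follow a symlink in the final path component and refuse
 * anything that is not a regular file. Function names are assumptions. */
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Shared tail: once the descriptor exists, check what it actually refers to.
 * fstat on the open fd cannot be raced the way a stat-then-open pair can. */
static int reject_unless_regular(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;   /* a device, FIFO or directory sat at that path */
        return -1;
    }
    return fd;
}

/* For the save path (open(file, O_RDWR | O_CREAT | O_TRUNC, 0600) at :922).
 * O_NOFOLLOW makes open() fail on a symlink at the target path instead of
 * truncating whatever the link points at. */
int open_regular_for_write(const char *path)
{
    int fd = open(path, O_RDWR | O_CREAT | O_TRUNC | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;
    return reject_unless_regular(fd);
}

/* For the load path (open(filename, O_RDONLY, 0400) at :1057); the
 * fopen(filename, "wb") at :1005 takes the same shape via fdopen(). */
int open_regular_for_read(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    return reject_unless_regular(fd);
}

/* Self-check: a regular file is accepted, a symlink planted at the path the
 * program would write to is refused. Fixtures live in a fresh temp directory
 * (constructed for the demo; falls back to the working directory). */
int demo_symlink_refused(void)
{
    char dir[] = "/tmp/ff-open-demo-XXXXXX";
    char target[256], planted[256];
    int ok = 0;
    if (mkdtemp(dir) == NULL) {
        strcpy(dir, "ff-open-demo-XXXXXX");
        if (mkdtemp(dir) == NULL)
            return 0;
    }
    snprintf(target, sizeof target, "%s/index.ann", dir);
    snprintf(planted, sizeof planted, "%s/planted.ann", dir);
    int fd = open_regular_for_write(target);          /* creates index.ann */
    if (fd >= 0) {
        close(fd);
        if (symlink(target, planted) == 0) {
            int fd2 = open_regular_for_write(planted);  /* must fail: symlink */
            int fd3 = open_regular_for_read(target);    /* must succeed */
            ok = (fd2 < 0) && (fd3 >= 0);
            if (fd2 >= 0) close(fd2);
            if (fd3 >= 0) close(fd3);
            unlink(planted);
        }
        unlink(target);
    }
    rmdir(dir);
    return ok;
}

/* Self-check: a character device is refused on the read path. */
int demo_device_refused(void)
{
    int fd = open_regular_for_read("/dev/null");
    if (fd >= 0) {
        close(fd);
        return 0;
    }
    return 1;
}

int main(void)
{
    return (demo_symlink_refused() && demo_device_refused()) ? 0 : 1;
}
```

Two limits worth keeping in mind. O_NOFOLLOW covers only the final path component; the "control its ancestors" clause of the message needs a trusted directory descriptor and openat() relative to it, or simply not writing into directories other users can write to. And no open flag addresses the "change its contents" clause: whatever is read back from the file still has to be validated before it is trusted.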