Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-readxl-1.3.1/src/zip.cpp
Examining data/r-cran-readxl-1.3.1/src/ole.c
Examining data/r-cran-readxl-1.3.1/src/rapidxml_print.h
Examining data/r-cran-readxl-1.3.1/src/XlsxWorkSheet.cpp
Examining data/r-cran-readxl-1.3.1/src/cran.h
Examining data/r-cran-readxl-1.3.1/src/XlsxCell.h
Examining data/r-cran-readxl-1.3.1/src/XlsWorkBook.h
Examining data/r-cran-readxl-1.3.1/src/XlsWorkBook.cpp
Examining data/r-cran-readxl-1.3.1/src/XlsWorkSheet.cpp
Examining data/r-cran-readxl-1.3.1/src/ColSpec.h
Examining data/r-cran-readxl-1.3.1/src/Spinner.h
Examining data/r-cran-readxl-1.3.1/src/XlsxWorkBook.h
Examining data/r-cran-readxl-1.3.1/src/libxls/brdb.h
Examining data/r-cran-readxl-1.3.1/src/libxls/xlsstruct.h
Examining data/r-cran-readxl-1.3.1/src/libxls/endian.h
Examining data/r-cran-readxl-1.3.1/src/libxls/xls.h
Examining data/r-cran-readxl-1.3.1/src/libxls/brdb.c.h
Examining data/r-cran-readxl-1.3.1/src/libxls/ole.h
Examining data/r-cran-readxl-1.3.1/src/libxls/xlstypes.h
Examining data/r-cran-readxl-1.3.1/src/libxls/xlstool.h
Examining data/r-cran-readxl-1.3.1/src/StringSet.h
Examining data/r-cran-readxl-1.3.1/src/windows/config.h
Examining data/r-cran-readxl-1.3.1/src/CellLimits.h
Examining data/r-cran-readxl-1.3.1/src/rapidxml.h
Examining data/r-cran-readxl-1.3.1/src/XlsxWorkSheet.h
Examining data/r-cran-readxl-1.3.1/src/utils.h
Examining data/r-cran-readxl-1.3.1/src/XlsCell.h
Examining data/r-cran-readxl-1.3.1/src/unix/config.h
Examining data/r-cran-readxl-1.3.1/src/zip.h
Examining data/r-cran-readxl-1.3.1/src/xlstool.c
Examining data/r-cran-readxl-1.3.1/src/endian.c
Examining data/r-cran-readxl-1.3.1/src/RcppExports.cpp
Examining data/r-cran-readxl-1.3.1/src/cran.c
Examining data/r-cran-readxl-1.3.1/src/XlsWorkSheet.h
Examining data/r-cran-readxl-1.3.1/src/xls.c
Examining data/r-cran-readxl-1.3.1/src/XlsxWorkBook.cpp
Examining data/r-cran-readxl-1.3.1/src/XlsxString.h
FINAL RESULTS:
data/r-cran-readxl-1.3.1/src/cran.h:6:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf Rprintf
data/r-cran-readxl-1.3.1/src/cran.h:17:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define fprintf Rprintf2
data/r-cran-readxl-1.3.1/src/xls.c:1461:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pWB->charset, charset);
data/r-cran-readxl-1.3.1/src/xlstool.c:717:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(borderleft,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:727:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(borderright,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:737:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bordertop,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:747:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(borderbottom,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:757:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(color,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:762:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(italic,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:767:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(bold,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:772:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(underline,"%s", "");
data/r-cran-readxl-1.3.1/src/xlstool.c:780:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fontname,"%s",pWB->fonts.font[xf->font-1].name);
data/r-cran-readxl-1.3.1/src/xlstool.c:785:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,".xf%i{ font-size:%ipt;font-family: \"%s\";background:#%.6X;text-align:%s;vertical-align:%s;%s%s%s%s%s%s%s%s}\n",
data/r-cran-readxl-1.3.1/src/xlstool.c:788:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ret,buf);
data/r-cran-readxl-1.3.1/src/XlsxCell.h:131:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(v->value());
data/r-cran-readxl-1.3.1/src/XlsxCell.h:147:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int format = (s == NULL) ? -1 : atoi(s->value());
data/r-cran-readxl-1.3.1/src/XlsxCell.h:201:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(v->value()) ? "TRUE" : "FALSE";
data/r-cran-readxl-1.3.1/src/XlsxCell.h:259:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(v->value()) != 0;
data/r-cran-readxl-1.3.1/src/XlsxCell.h:316:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(val);
data/r-cran-readxl-1.3.1/src/XlsxString.h:19:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8[16]; // 16 from definition of Rf_ucstoutf8
data/r-cran-readxl-1.3.1/src/XlsxWorkBook.h:255:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int n = atoi(count->value());
data/r-cran-readxl-1.3.1/src/XlsxWorkBook.h:298:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int id = atoi(numFmt->first_attribute("numFmtId")->value());
data/r-cran-readxl-1.3.1/src/XlsxWorkBook.h:321:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int formatId = atoi(cellXf->first_attribute("numFmtId")->value());
data/r-cran-readxl-1.3.1/src/XlsxWorkBook.h:348:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(date1904->value()) == 1;
data/r-cran-readxl-1.3.1/src/libxls/ole.h:154:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/r-cran-readxl-1.3.1/src/libxls/xlsstruct.h:129:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1];
data/r-cran-readxl-1.3.1/src/libxls/xlsstruct.h:323:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1];
data/r-cran-readxl-1.3.1/src/libxls/xlsstruct.h:330:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1];
data/r-cran-readxl-1.3.1/src/ole.c:131:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(olest->buf, ptr, olest->bufsize);
data/r-cran-readxl-1.3.1/src/ole.c:193:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((BYTE*)buf + didReadCount, olest->buf + olest->pos, needToReadCount);
data/r-cran-readxl-1.3.1/src/ole.c:197:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((BYTE*)buf + didReadCount, olest->buf + olest->pos, remainingBytes);
data/r-cran-readxl-1.3.1/src/ole.c:383:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, (const char *)ole2->buffer + ole2->buffer_pos, size);
data/r-cran-readxl-1.3.1/src/ole.c:601:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ole->file=fopen(file, "rb"))) {
data/r-cran-readxl-1.3.1/src/rapidxml.h:304:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_whitespace[256]; // Whitespace table
data/r-cran-readxl-1.3.1/src/rapidxml.h:305:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_node_name[256]; // Node name table
data/r-cran-readxl-1.3.1/src/rapidxml.h:306:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_text[256]; // Text table
data/r-cran-readxl-1.3.1/src/rapidxml.h:307:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_text_pure_no_ws[256]; // Text table
data/r-cran-readxl-1.3.1/src/rapidxml.h:308:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_text_pure_with_ws[256]; // Text table
data/r-cran-readxl-1.3.1/src/rapidxml.h:309:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_attribute_name[256]; // Attribute name table
data/r-cran-readxl-1.3.1/src/rapidxml.h:310:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_attribute_data_1[256]; // Attribute data table with single quote
data/r-cran-readxl-1.3.1/src/rapidxml.h:311:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_attribute_data_1_pure[256]; // Attribute data table with single quote
data/r-cran-readxl-1.3.1/src/rapidxml.h:312:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_attribute_data_2[256]; // Attribute data table with double quotes
data/r-cran-readxl-1.3.1/src/rapidxml.h:313:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_attribute_data_2_pure[256]; // Attribute data table with double quotes
data/r-cran-readxl-1.3.1/src/rapidxml.h:314:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_digits[256]; // Digits
data/r-cran-readxl-1.3.1/src/rapidxml.h:315:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const unsigned char lookup_upcase[256]; // To uppercase conversion table for ASCII characters
data/r-cran-readxl-1.3.1/src/rapidxml.h:646:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_static_memory[RAPIDXML_STATIC_POOL_SIZE]; // Static raw memory
data/r-cran-readxl-1.3.1/src/xls.c:279:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp+strlen(tmp), ret, strlen(ret)+1);
data/r-cran-readxl-1.3.1/src/xls.c:335:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ret, &tmp, sizeof(unsigned64_t));
data/r-cran-readxl-1.3.1/src/xls.c:543:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell->d, &((FORMULA*)buf)->resid, sizeof(double)); // Required for ARM
data/r-cran-readxl-1.3.1/src/xls.c:554:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell->d, &d, sizeof(double)); // Required for ARM
data/r-cran-readxl-1.3.1/src/xls.c:558:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell->d, &d, sizeof(double)); // Required for ARM
data/r-cran-readxl-1.3.1/src/xls.c:613:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&cell->d, &((BR_NUMBER*)buf)->value, sizeof(double)); // Required for ARM
data/r-cran-readxl-1.3.1/src/xlstool.c:152:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, str, len);
data/r-cran-readxl-1.3.1/src/xlstool.c:598:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, label, len);
data/r-cran-readxl-1.3.1/src/xlstool.c:657:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char color[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:660:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char borderleft[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:661:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char borderright[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:662:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bordertop[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:663:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char borderbottom[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:664:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char italic[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char underline[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:666:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bold[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fontname[255];
data/r-cran-readxl-1.3.1/src/xlstool.c:720:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(borderleft,"border-left: 1px solid black;");
data/r-cran-readxl-1.3.1/src/xlstool.c:730:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(borderright,"border-right: 1px solid black;");
data/r-cran-readxl-1.3.1/src/xlstool.c:740:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bordertop,"border-top: 1px solid black;");
data/r-cran-readxl-1.3.1/src/xlstool.c:750:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(borderbottom,"border-bottom: 1px solid Black;");
data/r-cran-readxl-1.3.1/src/xlstool.c:755:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(color,"color:#%.6X;",xls_getColor(pWB->fonts.font[xf->font-1].color,0));
data/r-cran-readxl-1.3.1/src/xlstool.c:760:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(italic,"font-style: italic;");
data/r-cran-readxl-1.3.1/src/xlstool.c:765:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bold,"font-weight: bold;");
data/r-cran-readxl-1.3.1/src/xlstool.c:770:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(underline,"text-decoration: underline;");
data/r-cran-readxl-1.3.1/src/xlstool.c:782:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fontname,"Arial");
data/r-cran-readxl-1.3.1/src/StringSet.h:12:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 0)
data/r-cran-readxl-1.3.1/src/xls.c:230:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_len = strlen(ret);
data/r-cran-readxl-1.3.1/src/xls.c:273:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = realloc(tmp, strlen(tmp)+strlen(ret)+1);
data/r-cran-readxl-1.3.1/src/xls.c:273:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = realloc(tmp, strlen(tmp)+strlen(ret)+1);
data/r-cran-readxl-1.3.1/src/xls.c:279:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tmp+strlen(tmp), ret, strlen(ret)+1);
data/r-cran-readxl-1.3.1/src/xls.c:279:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(tmp+strlen(tmp), ret, strlen(ret)+1);
data/r-cran-readxl-1.3.1/src/xls.c:1083:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/r-cran-readxl-1.3.1/src/xls.c:1221:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/r-cran-readxl-1.3.1/src/xls.c:1460:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pWB->charset = malloc(strlen(charset) * sizeof(char)+1);
data/r-cran-readxl-1.3.1/src/xlstool.c:790:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = realloc(ret, strlen(ret)+1);
ANALYSIS SUMMARY:
Hits = 82
Lines analyzed = 11395 in approximately 0.31 seconds (36701 lines/second)
Physical Source Lines of Code (SLOC) = 8092
Hits@level = [0] 244 [1] 10 [2] 58 [3] 0 [4] 14 [5] 0
Hits@level+ = [0+] 326 [1+] 82 [2+] 72 [3+] 14 [4+] 14 [5+] 0
Hits/KSLOC@level+ = [0+] 40.2867 [1+] 10.1335 [2+] 8.89768 [3+] 1.7301 [4+] 1.7301 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.