Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-rlang-0.4.8/tests/testthat/fixtures/rlanglibtest/src/init.c
Examining data/r-cran-rlang-0.4.8/tests/testthat/fixtures/rlanglibtest/src/test-quo-accessors.c
Examining data/r-cran-rlang-0.4.8/src/config.h
Examining data/r-cran-rlang-0.4.8/src/version.c
Examining data/r-cran-rlang-0.4.8/src/internal/env-binding.c
Examining data/r-cran-rlang-0.4.8/src/internal/dots.h
Examining data/r-cran-rlang-0.4.8/src/internal/expr-interp.c
Examining data/r-cran-rlang-0.4.8/src/internal/quo.h
Examining data/r-cran-rlang-0.4.8/src/internal/internal.c
Examining data/r-cran-rlang-0.4.8/src/internal/utils.c
Examining data/r-cran-rlang-0.4.8/src/internal/attr.c
Examining data/r-cran-rlang-0.4.8/src/internal/eval.c
Examining data/r-cran-rlang-0.4.8/src/internal/eval-tidy.c
Examining data/r-cran-rlang-0.4.8/src/internal/quo.c
Examining data/r-cran-rlang-0.4.8/src/internal/utils.h
Examining data/r-cran-rlang-0.4.8/src/internal/env.c
Examining data/r-cran-rlang-0.4.8/src/internal/vec-raw.c
Examining data/r-cran-rlang-0.4.8/src/internal/fn.c
Examining data/r-cran-rlang-0.4.8/src/internal/dots.c
Examining data/r-cran-rlang-0.4.8/src/internal/expr-interp-rotate.c
Examining data/r-cran-rlang-0.4.8/src/internal/arg.c
Examining data/r-cran-rlang-0.4.8/src/internal/expr-interp-rotate.h
Examining data/r-cran-rlang-0.4.8/src/internal/call.c
Examining data/r-cran-rlang-0.4.8/src/internal/internal.h
Examining data/r-cran-rlang-0.4.8/src/internal/expr-interp.h
Examining data/r-cran-rlang-0.4.8/src/export/init.c
Examining data/r-cran-rlang-0.4.8/src/export/exported.c
Examining data/r-cran-rlang-0.4.8/src/export/exported-tests.c
Examining data/r-cran-rlang-0.4.8/src/internal.c
Examining data/r-cran-rlang-0.4.8/src/lib.c
Examining data/r-cran-rlang-0.4.8/src/lib/parse.h
Examining data/r-cran-rlang-0.4.8/src/lib/stack.h
Examining data/r-cran-rlang-0.4.8/src/lib/state.h
Examining data/r-cran-rlang-0.4.8/src/lib/attrs.h
Examining data/r-cran-rlang-0.4.8/src/lib/env-binding.c
Examining data/r-cran-rlang-0.4.8/src/lib/lang.c
Examining data/r-cran-rlang-0.4.8/src/lib/fn.h
Examining data/r-cran-rlang-0.4.8/src/lib/quo.h
Examining data/r-cran-rlang-0.4.8/src/lib/cnd.c
Examining data/r-cran-rlang-0.4.8/src/lib/formula.h
Examining data/r-cran-rlang-0.4.8/src/lib/parse.c
Examining data/r-cran-rlang-0.4.8/src/lib/vec.c
Examining data/r-cran-rlang-0.4.8/src/lib/node.h
Examining data/r-cran-rlang-0.4.8/src/lib/env-binding.h
Examining data/r-cran-rlang-0.4.8/src/lib/formula.c
Examining data/r-cran-rlang-0.4.8/src/lib/vec-lgl.c
Examining data/r-cran-rlang-0.4.8/src/lib/stack.c
Examining data/r-cran-rlang-0.4.8/src/lib/eval.c
Examining data/r-cran-rlang-0.4.8/src/lib/vec-list.h
Examining data/r-cran-rlang-0.4.8/src/lib/eval.h
Examining data/r-cran-rlang-0.4.8/src/lib/env.h
Examining data/r-cran-rlang-0.4.8/src/lib/cnd.h
Examining data/r-cran-rlang-0.4.8/src/lib/quo.c
Examining data/r-cran-rlang-0.4.8/src/lib/debug.c
Examining data/r-cran-rlang-0.4.8/src/lib/sym.h
Examining data/r-cran-rlang-0.4.8/src/lib/vec-chr.h
Examining data/r-cran-rlang-0.4.8/src/lib/squash.h
Examining data/r-cran-rlang-0.4.8/src/lib/replace-na.h
Examining data/r-cran-rlang-0.4.8/src/lib/vec.h
Examining data/r-cran-rlang-0.4.8/src/lib/export.h
Examining data/r-cran-rlang-0.4.8/src/lib/env.c
Examining data/r-cran-rlang-0.4.8/src/lib/session.c
Examining data/r-cran-rlang-0.4.8/src/lib/node.c
Examining data/r-cran-rlang-0.4.8/src/lib/rlang.c
Examining data/r-cran-rlang-0.4.8/src/lib/debug.h
Examining data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c
Examining data/r-cran-rlang-0.4.8/src/lib/attrs.c
Examining data/r-cran-rlang-0.4.8/src/lib/fn.c
Examining data/r-cran-rlang-0.4.8/src/lib/lang.h
Examining data/r-cran-rlang-0.4.8/src/lib/vec-list.c
Examining data/r-cran-rlang-0.4.8/src/lib/session.h
Examining data/r-cran-rlang-0.4.8/src/lib/sexp.c
Examining data/r-cran-rlang-0.4.8/src/lib/squash.c
Examining data/r-cran-rlang-0.4.8/src/lib/weakref.c
Examining data/r-cran-rlang-0.4.8/src/lib/export.c
Examining data/r-cran-rlang-0.4.8/src/lib/sexp.h
Examining data/r-cran-rlang-0.4.8/src/lib/rlang.h
Examining data/r-cran-rlang-0.4.8/src/lib/vec-lgl.h
Examining data/r-cran-rlang-0.4.8/src/lib/vec-chr.c
Examining data/r-cran-rlang-0.4.8/src/lib/sym.c
Examining data/r-cran-rlang-0.4.8/src/lib/replace-na.c
Examining data/r-cran-rlang-0.4.8/src/export.c
Examining data/r-cran-rlang-0.4.8/src/capture.c

FINAL RESULTS:

data/r-cran-rlang-0.4.8/src/lib/cnd.c:10:5:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
  vsnprintf(BUF, BUFSIZE, FMT, dots); \
data/r-cran-rlang-0.4.8/src/export/exported.c:299:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char str[1000];
data/r-cran-rlang-0.4.8/src/internal/vec-raw.c:36:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p_buf, s_prefix, len_prefix);
data/r-cran-rlang-0.4.8/src/internal/vec-raw.c:47:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p_buf, s_suffix, len_suffix);
data/r-cran-rlang-0.4.8/src/lib/cnd.c:18:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/cnd.c:28:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/cnd.c:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/cnd.c:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/cnd.c:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/cnd.c:86:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[BUFSIZE];
data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[orig_len + 1];
data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c:82:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tmp, re_enc, orig_len + 1);
data/r-cran-rlang-0.4.8/src/internal/vec-raw.c:18:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len_prefix = strlen(s_prefix);
data/r-cran-rlang-0.4.8/src/internal/vec-raw.c:28:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len_suffix = strlen(s_suffix);
data/r-cran-rlang-0.4.8/src/lib/parse.c:94:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(name);
data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c:80:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int orig_len = strlen(re_enc);
data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c:147:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned int codepoint = strtoul(src + strlen("<U+"), NULL, 16);
data/r-cran-rlang-0.4.8/src/lib/sym-unescape.c:148:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *len_processed = strlen("<U+xxxx>");
data/r-cran-rlang-0.4.8/src/lib/sym.c:58:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(name);

ANALYSIS SUMMARY:

Hits = 19
Lines analyzed = 9875 in approximately 0.23 seconds (43045 lines/second)
Physical Source Lines of Code (SLOC) = 7518
Hits@level = [0]   1 [1]   7 [2]  11 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+]  20 [1+]  19 [2+]  12 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 2.66028 [1+] 2.52727 [2+] 1.59617 [3+] 0.133014 [4+] 0.133014 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.