stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/m2.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/eap.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/rpf.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/RcppExports.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/glue.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/inst/include/libifa-rpf.h

FINAL RESULTS:

data/r-cran-rpf-1.0.5+dfsg/inst/include/libifa-rpf.h:49:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char name[10];
data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.cpp:288:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[SMALLBUF];
data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:436:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[SMALLBUF];
data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:443:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[SMALLBUF];
data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:463:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(out, ssProb.data(), sizeof(double) * outRows);
data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:915:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(observed.data(), Robserved.begin(), sizeof(double) * rows * cols);
data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:918:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(expected.data(), Rexpected.begin(), sizeof(double) * rows * cols);
data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp:57:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char err[ERROR_LEN];
data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp:79:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char err[ERROR_LEN];
data/r-cran-rpf-1.0.5+dfsg/src/eap.cpp:108:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[SMALLBUF];
data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp:530:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nparam, param, sizeof(double) * 4);
data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp:1166:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rawOut.data(), out, sizeof(double) * numParam);
data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp:25:28:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		for(j = 0; j < numcol && equal; j++) {
data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp:31:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	if (!equal) {

ANALYSIS SUMMARY:

Hits = 14
Lines analyzed = 6948 in approximately 0.19 seconds (36003 lines/second)
Physical Source Lines of Code (SLOC) = 5719
Hits@level = [0]   6 [1]   2 [2]  12 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  20 [1+]  14 [2+]  12 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 3.49711 [1+] 2.44798 [2+] 2.09827 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.