Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-zoo-1.8-8/src/lag.c
Examining data/r-zoo-1.8-8/src/init.c
Examining data/r-zoo-1.8-8/src/coredata.c
Examining data/r-zoo-1.8-8/inst/include/zoo.h
FINAL RESULTS:
data/r-zoo-1.8-8/src/coredata.c:40:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(REAL(result), REAL(x), length(result) * sizeof(double));
data/r-zoo-1.8-8/src/coredata.c:43:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(INTEGER(result), INTEGER(x), length(result) * sizeof(int));
data/r-zoo-1.8-8/src/coredata.c:46:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(LOGICAL(result), LOGICAL(x), length(result) * sizeof(int));
data/r-zoo-1.8-8/src/coredata.c:49:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(COMPLEX(result), COMPLEX(x), length(result) * sizeof(Rcomplex));
data/r-zoo-1.8-8/src/coredata.c:58:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RAW(result), RAW(x), length(result) * sizeof(unsigned char));
data/r-zoo-1.8-8/src/lag.c:68:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&REAL(result)[k+(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:72:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&REAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:84:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&INTEGER(result)[k+(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:88:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&INTEGER(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:100:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LOGICAL(result)[k+(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:104:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LOGICAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:117:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&COMPLEX(result)[k+(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:121:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&COMPLEX(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:132:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&RAW(result)[k+(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:136:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&RAW(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:169:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&REAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:173:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&REAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:185:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&INTEGER(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:189:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&INTEGER(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:201:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LOGICAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:205:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LOGICAL(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:218:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&COMPLEX(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:222:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&COMPLEX(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:233:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&RAW(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:237:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&RAW(result)[(j*nrr)],
data/r-zoo-1.8-8/src/lag.c:282:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(REAL(newindex), &REAL(index)[k], nrr * sizeof(double));
data/r-zoo-1.8-8/src/lag.c:284:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(REAL(newindex), REAL(index), nrr * sizeof(double));
data/r-zoo-1.8-8/src/lag.c:289:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(INTEGER(newindex), &INTEGER(index)[k], nrr * sizeof(int));
data/r-zoo-1.8-8/src/lag.c:291:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(INTEGER(newindex), INTEGER(index), nrr * sizeof(int));
ANALYSIS SUMMARY:
Hits = 29
Lines analyzed = 485 in approximately 0.05 seconds (9884 lines/second)
Physical Source Lines of Code (SLOC) = 427
Hits@level = [0] 0 [1] 0 [2] 29 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 29 [1+] 29 [2+] 29 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 67.9157 [1+] 67.9157 [2+] 67.9157 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.