Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-checkmate-2.0.0/src/guess_type.c
Examining data/r-cran-checkmate-2.0.0/src/find_min_nchar.h
Examining data/r-cran-checkmate-2.0.0/src/backports.h
Examining data/r-cran-checkmate-2.0.0/src/find_min_nchar.c
Examining data/r-cran-checkmate-2.0.0/src/helper.h
Examining data/r-cran-checkmate-2.0.0/src/integerish.c
Examining data/r-cran-checkmate-2.0.0/src/which_first.h
Examining data/r-cran-checkmate-2.0.0/src/any_infinite.c
Examining data/r-cran-checkmate-2.0.0/src/is_sorted.h
Examining data/r-cran-checkmate-2.0.0/src/init.c
Examining data/r-cran-checkmate-2.0.0/src/any_missing.c
Examining data/r-cran-checkmate-2.0.0/src/all_missing.c
Examining data/r-cran-checkmate-2.0.0/src/any_nan.c
Examining data/r-cran-checkmate-2.0.0/src/qassert.c
Examining data/r-cran-checkmate-2.0.0/src/any_nan.h
Examining data/r-cran-checkmate-2.0.0/src/is_sorted.c
Examining data/r-cran-checkmate-2.0.0/src/integerish.h
Examining data/r-cran-checkmate-2.0.0/src/guess_type.h
Examining data/r-cran-checkmate-2.0.0/src/qassert.h
Examining data/r-cran-checkmate-2.0.0/src/any_missing.h
Examining data/r-cran-checkmate-2.0.0/src/helper.c
Examining data/r-cran-checkmate-2.0.0/src/all_missing.h
Examining data/r-cran-checkmate-2.0.0/src/which_first.c
Examining data/r-cran-checkmate-2.0.0/src/checks.c
Examining data/r-cran-checkmate-2.0.0/src/any_infinite.h
Examining data/r-cran-checkmate-2.0.0/src/checks.h
Examining data/r-cran-checkmate-2.0.0/inst/include/checkmate_stub.c
Examining data/r-cran-checkmate-2.0.0/inst/include/checkmate.h
FINAL RESULTS:
data/r-cran-checkmate-2.0.0/src/checks.c:71:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, 255, fmt, vargs);
data/r-cran-checkmate-2.0.0/src/checks.c:79:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg, 255, fmt, vargs);
data/r-cran-checkmate-2.0.0/src/qassert.c:65:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(msg.msg, 255, fmt, vargs);
data/r-cran-checkmate-2.0.0/src/checks.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char msg[255] = "";
data/r-cran-checkmate-2.0.0/src/checks.c:157:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[256];
data/r-cran-checkmate-2.0.0/src/checks.c:181:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmt[256];
data/r-cran-checkmate-2.0.0/src/guess_type.c:12:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[512];
data/r-cran-checkmate-2.0.0/src/qassert.c:43:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[255];
data/r-cran-checkmate-2.0.0/src/checks.c:90:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(out, CHAR(STRING_ELT(result, 0)), 255);
data/r-cran-checkmate-2.0.0/src/guess_type.c:14:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, tmp, 511);
data/r-cran-checkmate-2.0.0/src/guess_type.c:16:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
R_len_t written = strlen(tmp);
data/r-cran-checkmate-2.0.0/src/guess_type.c:19:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tmp) > 512 - written - 1)
data/r-cran-checkmate-2.0.0/src/qassert.c:358:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const R_len_t nchars = strlen(rule);
ANALYSIS SUMMARY:
Hits = 13
Lines analyzed = 2401 in approximately 0.09 seconds (26452 lines/second)
Physical Source Lines of Code (SLOC) = 2109
Hits@level = [0] 9 [1] 5 [2] 5 [3] 0 [4] 3 [5] 0
Hits@level+ = [0+] 22 [1+] 13 [2+] 8 [3+] 3 [4+] 3 [5+] 0
Hits/KSLOC@level+ = [0+] 10.4315 [1+] 6.16406 [2+] 3.79327 [3+] 1.42248 [4+] 1.42248 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.