Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/ctrlc.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/splamm.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/cone.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/data.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/equil.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/spla.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/glblopts.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/wright_omega.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/timer.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/ecos_bb.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/expcone.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/kkt.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/ecos.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/ecos_bb/ecos_bb.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/ecos_bb/ecos_bb_preproc.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/emptyProblem/emptyProblem.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/quad_over_lin/quad_over_lin.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/quad_over_lin/quad_over_lin.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/qcml_utils.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/sq_norm/sq_norm.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/sq_norm/sq_norm.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/sum_sq/sum_sq.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/sum_sq/sum_sq.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/generated_tests.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/norm/norm.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/norm/norm.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/inv_pos/inv_pos.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/inv_pos/inv_pos.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/generated/qcml_utils.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/cvxpyProblems/githubIssue98.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/exponential/random_infeasible.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/exponential/log_ax_x.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/exponential/num_err.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/exponential/random_unbounded.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/exponential/random_feasible.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/ecostester.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/infeasibleProblems/infeasible2.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/infeasibleProblems/infeasible1.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/feasibilityProblems/feas.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/unboundedProblems/unboundedMaxSqrt.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/unboundedProblems/unboundedLP1.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/bb_test.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/minunit.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/MPC/MPC02.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/MPC/MPC01.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/updateData/update_data.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_beaconfd.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_25fv47.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_blend.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_agg.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_bnl1.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_adlittle.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_bandm.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_afiro.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_agg3.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/test/LPnetlib/lp_agg2.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/SuiteSparse_config/SuiteSparse_config.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/ldl/include/ldl.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/ldl/src/ldl.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/include/amd.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/include/amd_internal.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_1.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_preprocess.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_order.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_2.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_post_tree.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_aat.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_info.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_global.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_defaults.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_valid.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_dump.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_control.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_postorder.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/ctrlc.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/runecos_exp.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/ecos.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/preproc.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/cone.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/timer.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/equil.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/runecos.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/splamm.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/expcone.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/kkt.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/wright_omega.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/spla.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolve.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos-2954b2a-changes/include/glblopts.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos-2954b2a-changes/include/ecos_bb.h
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos-2954b2a-changes/ecos_bb/ecos_bb.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecos-2954b2a-changes/ecos_bb/ecos_bb_preproc.c
Examining data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolver_init.c

FINAL RESULTS:

data/r-cran-ecosolver-0.5.3+dfsg/src/ecos-2954b2a-changes/include/glblopts.h:77:19:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define PRINTTEXT printf
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_dump.c:39:2:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
fscanf (f, ID, &AMD_debug) ;
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_global.c:79:41:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
int (*amd_printf) (const char *, ...) = printf ;
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/include/glblopts.h:77:19:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define PRINTTEXT printf
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/external/amd/src/amd_dump.c:32:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
f = fopen ("debug.amd", "r") ;
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/ecos.c:1088:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char fn[20];
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/ecos.c:1288:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "PKPt_updated_%02i.txt", (int)w->info->iter);
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/ecos.c:1302:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fn, "PKPt_factor_%02i.txt", (int)w->info->iter);
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/splamm.c:285:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FILE *f = fopen(fn,"w");
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/splamm.c:312:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FILE *f = fopen(fn,"w");
data/r-cran-ecosolver-0.5.3+dfsg/src/ecos/src/splamm.c:348:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
FILE *f = fopen(fn,"w");
data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolve.c:234:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(REAL(x), mywork->x, n * sizeof(double));
data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolve.c:240:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(REAL(y), mywork->y, p * sizeof(double));
data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolve.c:246:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(REAL(s), mywork->s, m * sizeof(double));
data/r-cran-ecosolver-0.5.3+dfsg/src/ecosolve.c:252:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
memcpy(REAL(z), mywork->z, m * sizeof(double));

ANALYSIS SUMMARY:

Hits = 15
Lines analyzed = 18497 in approximately 10.01 seconds (1847 lines/second)
Physical Source Lines of Code (SLOC) = 11531
Hits@level = [0] 109 [1]   0 [2]  11 [3]   0 [4]   4 [5]   0
Hits@level+ = [0+] 124 [1+]  15 [2+]  15 [3+]   4 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 10.7536 [1+] 1.30084 [2+] 1.30084 [3+] 0.346891 [4+] 0.346891 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.