Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-haven-2.3.1/src/haven_types.cpp
Examining data/r-cran-haven-2.3.1/src/tagged_na.c
Examining data/r-cran-haven-2.3.1/src/DfWriter.cpp
Examining data/r-cran-haven-2.3.1/src/readstat/CKHashTable.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_convert.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_value.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_malloc.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_bits.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_io_unistd.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_iconv.h
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_schema.h
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_copy.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_copy.h
Examining data/r-cran-haven-2.3.1/src/readstat/txt/commands_util.h
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_schema.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/commands_util.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_stata_dictionary_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_malloc.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_compress.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_write.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_parse.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse_timestamp.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_parse.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_compress.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss_parse.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse_timestamp.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss_parse.h
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.c
Examining data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_convert.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_parser.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_variable.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_io_unistd.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_writer.h
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta.h
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta.c
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_parse_timestamp.h
Examining data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_parse_timestamp.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_bits.h
Examining data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_metadata.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h
Examining data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas_rle.h
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas_rle.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/ieee.h
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c
Examining data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c
Examining data/r-cran-haven-2.3.1/src/readstat/readstat.h
Examining data/r-cran-haven-2.3.1/src/readstat/readstat_error.c
Examining data/r-cran-haven-2.3.1/src/DfReader.cpp
Examining data/r-cran-haven-2.3.1/src/haven_types.h
Examining data/r-cran-haven-2.3.1/src/tagged_na.h
Examining data/r-cran-haven-2.3.1/src/RcppExports.cpp
FINAL RESULTS:
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:415:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(note_copy, note);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:269:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(error_buf, sizeof(error_buf),
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:931:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ctx->error_buf, sizeof(ctx->error_buf),
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:997:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ctx->error_buf, sizeof(ctx->error_buf),
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:1030:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ctx->error_buf, sizeof(ctx->error_buf),
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:1135:13: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(ctx->error_buf, sizeof(ctx->error_buf), "ReadStat: Failed to seek to position %" PRId64,
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:108:13: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf(variable->format, "%s%d.%d", name, &width, &decimals);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:180:31: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
int matches = sscanf(variable->format, "%s%d.%d", format_name, &width, &decimals);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:515:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(varinfo->label, string);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:529:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(label_name_buf, sizeof(label_name_buf), POR_LABEL_NAME_PREFIX "%d", ctx->labels_offset);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:702:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(label_name_buf, sizeof(label_name_buf), POR_LABEL_NAME_PREFIX "%d", info->labels_index);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:465:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(label_name_buf, sizeof(label_name_buf), SAV_LABEL_NAME_PREFIX "%d", ctx->value_labels_count);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1071:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(label_name_buf, sizeof(label_name_buf),
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1486:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(label_name_buf, sizeof(label_name_buf), SAV_LABEL_NAME_PREFIX "%d", info->labels_index);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:414:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(format, "%%%s%s",
data/r-cran-haven-2.3.1/src/DfReader.cpp:464:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
virtual int open(void* io_ctx) = 0;
data/r-cran-haven-2.3.1/src/DfReader.cpp:511:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open(void* io_ctx) {
data/r-cran-haven-2.3.1/src/DfReader.cpp:512:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_.open(filename_.c_str(), std::ifstream::binary);
data/r-cran-haven-2.3.1/src/DfReader.cpp:535:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int open(void* io_ctx) {
data/r-cran-haven-2.3.1/src/DfReader.cpp:546:37: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return ((DfReaderInput*) io_ctx)->open(io_ctx);
data/r-cran-haven-2.3.1/src/DfWriter.cpp:61:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pOut_ = fopen(path.c_str(), "wb");
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:10:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static inline void ck_float2str(float key, char keystr[6]);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:11:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static inline void ck_double2str(double key, char keystr[11]);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:24:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static inline void ck_float2str(float key, char keystr[6]) {
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:25:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keystr, &key, 4);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:35:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static inline void ck_double2str(double key, char keystr[11]) {
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:36:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(keystr, &key, 8);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[6];
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[6];
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[11];
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:73:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keystr[11];
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:137:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(table->entries[hash_key].key, key, keylen);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.h:10:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[CK_HASH_KEY_SIZE];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[300];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[256];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[1024];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:209:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelset[32];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[255];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:319:36: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
readstat_open_handler open;
data/r-cran-haven-2.3.1/src/readstat/readstat.h:407:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1]; // Flexible array; using [1] for C++98 compatibility
data/r-cran-haven-2.3.1/src/readstat/readstat.h:482:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[100];
data/r-cran-haven-2.3.1/src/readstat/readstat.h:483:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table_name[33];
data/r-cran-haven-2.3.1/src/readstat/readstat_bits.c:57:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&answer, &num, 4);
data/r-cran-haven-2.3.1/src/readstat/readstat_bits.c:59:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, &answer, 4);
data/r-cran-haven-2.3.1/src/readstat/readstat_bits.c:65:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&answer, &num, 8);
data/r-cran-haven-2.3.1/src/readstat/readstat_bits.c:67:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, &answer, 8);
data/r-cran-haven-2.3.1/src/readstat/readstat_convert.c:32:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_len);
data/r-cran-haven-2.3.1/src/readstat/readstat_iconv.h:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/r-cran-haven-2.3.1/src/readstat/readstat_io_unistd.c:23:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(path, UNISTD_OPEN_OPTIONS);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:34:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ref->data[0], string, len);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:82:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value_label->label, label, value_label->label_len);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:261:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zeros[len];
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:355:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_value_label->string_key, value, new_value_label->string_key_len);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:42:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char temp[8];
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:77:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(to,from,8);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:84:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(to,from,8);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:91:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,to,8);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[8];
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp,xport,8);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:134:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xport1,temp,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:136:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xport2,temp+4,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:244:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ieee,&ieee1,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ieee+4,&ieee2,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:266:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ieee8[8];
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:268:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ieee8,ieee,8);
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:271:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ieee1,ieee8,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ieee2,ieee8+4,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:414:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xport,&xport1,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/ieee.c:416:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xport+4,&xport2,sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:22:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sas7bdat_magic_number[32] = {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:29:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sas7bcat_magic_number[32] = {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:87:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, data, 8);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:93:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, data, 4);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:99:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp, data, 2);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:157:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hinfo->file_label, header_start.file_label, sizeof(header_start.file_label));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:292:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_start.file_label, writer->file_label, file_label_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:294:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_start.file_label, "DATASET", sizeof("DATASET")-1);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:350:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[sizeof(header_end.release)+1] = { 0 };
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:8:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char magic[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:10:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mystery1[2];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:12:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mystery2[1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:14:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mystery3[1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:16:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mystery4[30];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:18:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mystery5[13];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_type[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[64];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_info[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:25:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:26:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[16];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[16];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_vendor[16];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char os_name[16];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra[48];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:50:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[64];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:111:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char sas7bdat_magic_number[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.h:112:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern unsigned char sas7bcat_magic_number[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:93:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_val[4*16+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:108:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dval, &val, 8);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:120:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[4*label_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[4*32+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:274:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_link[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chain_link[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:380:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:418:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[4*64+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:14:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1]; // Flexible array; use [1] for C++-98 compatibility
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:32:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&name[0], r_label_set->name, name_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:46:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block->data[38], &count, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:47:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block->data[42], &count, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:50:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block->data[8], name, 8);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:53:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block->data[106], name, name_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:58:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block->data[8], name, name_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:68:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lbp1[10], &index, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:74:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lbp1[14], value_label->string_key, string_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:78:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&big_endian_value, &double_value, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:82:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lbp1[22], &big_endian_value, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:86:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lbp2[8], &label_len, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:87:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lbp2[10], value_label->label, label_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:148:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xlsr[0], "XLSR", 4);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:150:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xlsr[4], &block_idx, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:151:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&xlsr[8], &block_off, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char block_header[16];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:183:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block_header[0], &next_page, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:184:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block_header[4], &next_off, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:185:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block_header[6], &block_len, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:187:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[block_off], block_header, sizeof(block_header));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:190:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[block_off], blocks[i]->data, blocks[i]->len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:88:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[4*64+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:89:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[2048];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:153:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(blob, subheader+signature_len, len-signature_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:416:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dval, &val, 8);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:1062:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:172:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[40], &row_length, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:173:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[48], &row_count, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:174:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[72], &ncfl1, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:175:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[104], &page_size, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:183:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[20], &row_length, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:184:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[24], &row_count, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:185:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[36], &ncfl1, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:186:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[52], &page_size, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:200:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[8], &col_count, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:203:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[4], &col_count, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:220:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[signature_len], &remainder, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:228:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[0], &text_ref.index, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:229:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[2], &text_ref.offset, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:230:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[4], &text_ref.length, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:249:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[signature_len], &remainder, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:261:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[0], &offset, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:265:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[0], &offset32, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:275:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[0], &width, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:276:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ptrs[4], &name_length_flag, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:294:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[format_offset+0], &text_ref.index, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:295:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[format_offset+2], &text_ref.offset, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:296:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[format_offset+4], &text_ref.length, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:300:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[label_offset+0], &text_ref.index, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:301:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[label_offset+2], &text_ref.offset, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:302:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[label_offset+4], &text_ref.length, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:322:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[signature_len], &used, sizeof(uint16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:324:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[signature_len+28], column_text->data, column_text->used);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:425:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[hinfo->page_header_size-8], &page_type, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:443:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[shp_ptr_offset], &offset, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:444:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[shp_ptr_offset+8], &len, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:456:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[0], &signature64, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:458:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[0], &signature32, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:464:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[shp_ptr_offset], &offset, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:465:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[shp_ptr_offset+4], &len, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:475:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&subheader->data[0], &signature32, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:482:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[shp_data_offset], subheader->data, subheader->len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:489:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[34], &shp_count, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:490:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[36], &shp_count, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:492:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[18], &shp_count, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:493:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&page[20], &shp_count, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:619:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:642:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chars[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:702:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[hinfo->page_header_size];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:704:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header[hinfo->page_header_size-6], &page_row_count, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:705:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&header[hinfo->page_header_size-8], &page_type, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:740:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(subheader->data, bytes, len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas_rle.c:108:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output[output_written], input, copy_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas_rle.c:145:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, copy, MAX_COPY_RUN);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas_rle.c:165:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, copy, copy_run);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.c:6:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _xport_months[12][4] = {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:3:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[9];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:13:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _xport_months[12][4];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nname[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nlabel[40];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nform[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nfill[2];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char niform[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char longname[32];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport.h:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rest[18];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[40*4+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char table_name[32*4+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:203:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month[4];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:283:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[4*src_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:325:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[name_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:326:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[label_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:388:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[name_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:389:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[format_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:390:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char informat[informat_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:391:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[label_len+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:550:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_value[8] = { 0 };
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:560:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(full_value, &row[pos], variable->storage_width);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:679:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char record[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char record[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:106:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[24];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:158:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(header.name, "LABELV9");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:171:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format_name[24];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:258:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xrecord.name, "LIBV8");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:265:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char real_record[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:279:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xrecord.name, "MEMBV8");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:289:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xrecord.name, "DSCPTV8");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:297:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char member_header[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:317:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char member_header[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char member_header[RECORD_LEN+1];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:347:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xrecord.name, "NAMSTV8");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:357:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xrecord.name, "OBSV8");
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:384:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[17];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:449:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_value[8];
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:455:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, full_value, var->storage_width);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:483:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, string, value_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.c:102:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ssize_t por_utf8_encode(const unsigned char *input, size_t input_len,
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.c:103:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *output, size_t output_len, uint16_t lookup[256]) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.c:132:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
int printed = sprintf(output + offset, "%lc", codepoint);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.h:16:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fweight_name[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.h:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[21];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.h:36:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ssize_t por_utf8_encode(const unsigned char *input, size_t input_len,
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por.h:37:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *output, size_t output_len, uint16_t lookup[256]);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_parse.c:258:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:95:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_buffer[300];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:97:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:198:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:478:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:525:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:527:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_name_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:528:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:581:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:582:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output_string[4*256+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:583:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:658:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:696:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_name_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:742:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reverse_lookup[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:743:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vanity[5][40];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:744:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:766:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:809:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char check[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:810:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tr_check[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:835:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:57:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:79:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[2];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vanity[5][40];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:205:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vanity[1], "ASCII SPSS PORT FILE", 20);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:212:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lookup[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:243:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:251:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time[7];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:12:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rec_type[4];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:13:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prod_name[60];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_time[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[64];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:23:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[3];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav.h:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_label[4*64+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:35:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output[output_offset], &input[input_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:48:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&int_value, &input[input_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:53:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fp_value, &input[input_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:58:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&output[output_offset], &input[input_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:88:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->chunk, state->next_in, 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:106:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->next_out, state->next_in, 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:118:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->next_out, &missing_value, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.c:125:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->next_out, &fp_value, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_compress.h:17:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chunk[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:13:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:54:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->name, info->name, sizeof(info->name));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:626:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_key[4*8+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:627:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_val[4*64+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:631:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[8192];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:744:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->longname, temp_val, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:755:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_key, str_start, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:762:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_val, str_start, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:804:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->longname, temp_val, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:815:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_val, str_start, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:971:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_key[8*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse.c:1098:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp_key, str_start, str_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse_timestamp.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[8192];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_parse_timestamp.c:349:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[8192];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_value[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_string_value[8*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:150:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&long_value, &fp_value, 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:263:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&long_value, &info->missing_double_values[i], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:282:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char missing_value[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:461:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_name_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:486:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:578:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&val_d, vlabel->raw_value, 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:646:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char raw_buffer[SPSS_DOC_LINE_SIZE];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:647:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_buffer[4*SPSS_DOC_LINE_SIZE+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:704:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->raw_string + raw_str_used, &buffer[data_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:733:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fp_value, &buffer[data_offset], 8);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:843:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[DATA_BUFFER_SIZE];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:913:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&record, data, data_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:929:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:955:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fp_info, data, sizeof(sav_machine_floating_point_info_record_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&var_name_len, data_ptr, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1054:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_name_buf[256*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1055:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_name_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1090:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&label_count, data_ptr, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1105:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&value_len, data_ptr, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1134:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&label_len, data_ptr, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_name_buf[256*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1219:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&var_name_len, data_ptr, sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data_buf[4096];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1482:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_name_buf[256];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1556:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortname[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:38:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stem[6];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date[sizeof(header.creation_date)+1] = { 0 };
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:126:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_time[sizeof(header.creation_time)+1] = { 0 };
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:133:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header.rec_type, "$FL2", sizeof("$FL2")-1);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:138:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header.prod_name,
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:178:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header.file_label, writer->file_label, file_label_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:191:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padded_label[MAX_LABEL_SIZE];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:409:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable.name, name_data, name_data_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:457:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(variable.name, name_data, name_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:538:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:544:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, r_value_label->string_key, key_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:547:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, &num_val, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:550:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value, &num_val, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:564:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label[MAX_VALUE_LABEL_SIZE+8];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:566:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(label, label_data, label_len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:766:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:795:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:838:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tuple_separator[2] = { 0x00, 0x09 };
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:852:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:855:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kv_data[8+1+5+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:874:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_data[9];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:877:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kv_data[8+1+5+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1158:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1176:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1182:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1198:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[row_offset], &value[val_offset], 255);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1202:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[row_offset], &value[val_offset], value_len - val_offset);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1214:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &missing_val, sizeof(uint64_t));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.c:87:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&special_val, &dval, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.h:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char missing_string_values[3][8*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.h:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8*4+1];
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.h:76:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char longname[64*4+1];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta.h:44:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1]; // Flexible array; use [1] for C++98 compatibility
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta.h:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[256];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_parse_timestamp.c:324:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:143:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->typlist, buffer, buffer_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:208:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char start[4];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:298:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:344:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&v, &vo_bytes[0], sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:345:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&o, &vo_bytes[4], sizeof(uint32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:423:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[3];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:451:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(strl_ptr, &strl, sizeof(dta_strl_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&byte, buf, sizeof(int8_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:497:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, buf, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:520:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, buf, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:544:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, buf, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:556:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&f_num, &num, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:567:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&num, buf, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:579:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&d_num, &num, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:587:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[2048];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:755:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ds_format[3];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:763:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byteorder[3];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1000:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labname[129];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1047:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char label_buf[4*8+1];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1136:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(path, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1141:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:413:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[64];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:512:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ctx->ch_metadata_len];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:637:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labname[12+2];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:677:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&label_buffer[8*value_label->int32_key], value_label->label, len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:782:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(txt + offset, label, label_data_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:886:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[128];
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1160:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(char));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1165:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1175:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(int64_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1180:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(float));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1185:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(row, &value, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1234:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&max_flt, &max_flt_i32, sizeof(float));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&max_dbl, &max_dbl_i64, sizeof(double));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1276:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[0], &v, sizeof(int16_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1280:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[2], &o, 6);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1291:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[0], &v, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1292:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&row_bytes[4], &o, sizeof(int32_t));
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_copy.c:10:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, str_start, this_len);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2891:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (parser->io->open(filepath, parser->io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2927:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argname[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2929:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelset[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2930:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_value[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2931:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:3259:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1670:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (parser->io->open(filepath, parser->io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1706:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char varname[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1707:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char argname[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1708:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_value[32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1709:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1711:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char var_list[1024][32];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1884:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(var_list[var_count++], varname, sizeof(varname));
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1902:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelset_name[256];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1913:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char labelset_name[256];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:2050:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_stata_dictionary_read.c:459:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (parser->io->open(filepath, parser->io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_stata_dictionary_read.c:627:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&schema->entries[schema->entry_count++], ¤t_entry, sizeof(readstat_schema_entry_t));
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_stata_dictionary_read.c:760:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_buf[1024];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char converted_value[4*len+1];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value_buffer[4096];
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:138:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(value_buffer, &line_buffer[field_offset], field_len);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:183:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (io->open(filename, io->io_ctx) == -1) {
data/r-cran-haven-2.3.1/src/tagged_na.c:22:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char byte[8]; // 8 * 1 bytes
data/r-cran-haven-2.3.1/src/DfReader.cpp:467:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual ssize_t read(void *buf, size_t nbyte, void *io_ctx) = 0;
data/r-cran-haven-2.3.1/src/DfReader.cpp:491:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t read(void *buf, size_t nbyte, void *io_ctx) {
data/r-cran-haven-2.3.1/src/DfReader.cpp:492:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
file_.read((char*) buf, nbyte);
data/r-cran-haven-2.3.1/src/DfReader.cpp:555:37: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return ((DfReaderInput*) io_ctx)->read(buf, nbyte, io_ctx);
data/r-cran-haven-2.3.1/src/DfWriter.cpp:297:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(string_utf8(x, i));
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:79:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t keylen = strlen(key);
data/r-cran-haven-2.3.1/src/readstat/CKHashTable.c:108:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t keylen = strlen(key);
data/r-cran-haven-2.3.1/src/readstat/readstat.h:322:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
readstat_read_handler read;
data/r-cran-haven-2.3.1/src/readstat/readstat_io_unistd.c:58:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t out = read(fd, buf, nbyte);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:29:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string) + 1;
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:79:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (label && strlen(label)) {
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:80:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_label->label_len = strlen(label);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:204:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_sep_len = strlen(line_sep);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:231:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_sep_len = strlen(line_sep);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:254:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return readstat_write_bytes(writer, bytes, strlen(bytes));
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:279:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:352:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (value && strlen(value)) {
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:353:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_value_label->string_key_len = strlen(value);
data/r-cran-haven-2.3.1/src/readstat/readstat_writer.c:414:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *note_copy = malloc(strlen(note) + 1);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:116:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header_start, sizeof(sas_header_start_t), io->io_ctx) < sizeof(sas_header_start_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:165:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&creation_time, sizeof(double), io->io_ctx) < sizeof(double)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:172:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&modification_time, sizeof(double), io->io_ctx) < sizeof(double)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:189:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header_size, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:193:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&page_size, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:220:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&page_count, sizeof(uint64_t), io->io_ctx) < sizeof(uint64_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:227:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&page_count, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:246:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header_end, sizeof(sas_header_end_t), io->io_ctx) < sizeof(sas_header_end_t)) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:287:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_label_len = strlen(writer->file_label);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas.c:421:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > max_len)
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:286:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(chain_link, chain_link_header_len, io->io_ctx) < chain_link_header_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:333:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(chain_link, chain_link_header_len, io->io_ctx) < chain_link_header_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:350:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(buffer + buffer_offset, chain_link_len, io->io_ctx) < chain_link_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:448:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(page, ctx->page_size, io->io_ctx) < ctx->page_size) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_read.c:463:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(page, ctx->page_size, io->io_ctx) < ctx->page_size) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bcat_write.c:19:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen(r_label_set->name);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:911:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ctx->page, head_len, io->io_ctx) < head_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:923:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ctx->page + head_len, tail_len, io->io_ctx) < tail_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:973:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ctx->page, head_len, io->io_ctx) < head_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:989:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ctx->page + head_len, tail_len, io->io_ctx) < tail_len) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_read.c:1022:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ctx->page, ctx->page_size, io->io_ctx) < ctx->page_size) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:112:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:130:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&column_text->data[column_text->used], string, padded_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:258:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t name_length_flag = strlen(name) <= 8 ? 4 : 2048;
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:667:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t value_len = strlen(value);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_sas7bdat_write.c:671:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)row, value, max_len);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:71:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return io->read(dst, dst_len, io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:115:19: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int matches = sscanf(line,
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_read.c:213:5: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
sscanf(line,
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:32:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(record);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:118:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > 8) {
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:129:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t label_len = strlen(variable->label);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:166:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t label_len = strlen(variable->label);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:167:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen(variable->name);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:185:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
format_len = strlen(format_name);
data/r-cran-haven-2.3.1/src/readstat/sas/readstat_xport_write.c:479:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t value_len = strlen(string);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:57:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t bytes_read = io->read(&byte, 1, io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:66:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes_read = io->read(&byte, 1, io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:514:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
varinfo->label = realloc(varinfo->label, strlen(string) + 1);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_read.c:610:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
input_string, strlen(input_string), ctx->converter);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:167:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return por_write_string_field_n(writer, ctx, string, strlen(string));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:201:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_label_len = strlen(writer->file_label);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:206:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(vanity[1] + 20, writer->file_label, 20);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:347:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:612:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(writer->notes[i]);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:734:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(string);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_por_write.c:748:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(((char *)row) + bytes_written, string, len);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:170:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&variable, sizeof(sav_variable_record_t), io->io_ctx) < sizeof(sav_variable_record_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:176:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_len, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:204:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_len, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:225:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(label_buf, label_capacity, io->io_ctx) < label_capacity) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:252:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(info->missing_double_values, info->n_missing_values * sizeof(double), io->io_ctx)
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:283:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(missing_value, sizeof(missing_value), io->io_ctx) < sizeof(missing_value)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:324:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&variable, sizeof(sav_variable_record_t), io->io_ctx) < sizeof(sav_variable_record_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:407:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_count, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:421:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&unpadded_len, 1, io->io_ctx) < 1) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:432:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&rec_type, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:443:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&var_count, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:489:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_count, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:507:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(vlabel->raw_value, 8, io->io_ctx) < 8) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:511:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&unpadded_label_len, 1, io->io_ctx) < 1) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:517:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(label_buf, padded_label_len, io->io_ctx) < padded_label_len) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:533:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&rec_type, sizeof(int32_t), io->io_ctx) < sizeof(int32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:544:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&var_count, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:555:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(vars, var_count * sizeof(uint32_t), io->io_ctx) < var_count * sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:617:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&n_lines, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:639:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&n_lines, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:650:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(raw_buffer, SPSS_DOC_LINE_SIZE, io->io_ctx) < SPSS_DOC_LINE_SIZE) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:674:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&filler, sizeof(int32_t), io->io_ctx) < sizeof(int32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:824:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((bytes_read = io->read(buffer, buffer_len, io->io_ctx)) != buffer_len)
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:865:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
buffer_used = io->read(buffer, sizeof(buffer), io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1267:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&rec_type, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1296:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(extra_info, sizeof(extra_info), io->io_ctx) < sizeof(extra_info)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1313:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(data_buf, data_len, io->io_ctx) < data_len) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1356:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&rec_type, sizeof(uint32_t), io->io_ctx) < sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1384:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(extra_info, sizeof(extra_info), io->io_ctx) < sizeof(extra_info)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1402:42: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (data_len == 0 || io->read(data_buf, data_len, io->io_ctx) < data_len) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_read.c:1571:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header, sizeof(sav_file_header_record_t), io->io_ctx) < sizeof(sav_file_header_record_t)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:91:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(output);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:97:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(output);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:173:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_label_len = strlen(writer->file_label);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:189:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t title_data_len = strlen(title_data);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:200:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(padded_label, title_data, (label_len + 3) / 4 * 4);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:619:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(writer->notes[i]);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:770:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t title_data_len = strlen(title_data);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:799:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t title_data_len = strlen(title_data);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:859:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
info_header.count += strlen(kv_data) + sizeof(tuple_separator);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:916:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t name_len = strlen(r_variable->name);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:957:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t name_len = strlen(r_variable->name);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1034:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t name_len = strlen(r_variable->name);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1070:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t name_len = strlen(r_variable->name);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1189:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t value_len = strlen(value);
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_sav_write.c:1282:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = sav_validate_name_length(strlen(variable->name));
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_spss.c:247:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (spss_parse_format(fmt, strlen(fmt), spss_format) != READSTAT_OK) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.c:57:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&zheader, sizeof(struct zheader), io->io_ctx) < sizeof(struct zheader)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.c:78:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&ztrailer, sizeof(struct ztrailer), io->io_ctx) < sizeof(struct ztrailer)) {
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.c:98:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(ztrailer_entries, n_blocks * sizeof(struct ztrailer_entry), io->io_ctx) <
data/r-cran-haven-2.3.1/src/readstat/spss/readstat_zsav_read.c:131:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(compressed_block, entry->compressed_size, io->io_ctx) != entry->compressed_size) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:90:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(dst_buffer, dst_len, io->io_ctx) != dst_len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:209:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(start, sizeof(start), io->io_ctx) != sizeof(start)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:225:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&data_type, 1, io->io_ctx) != 1) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:233:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&len16, sizeof(uint16_t), io->io_ctx) != sizeof(uint16_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:240:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&len32, sizeof(uint32_t), io->io_ctx) != sizeof(uint32_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:262:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(buffer, len, io->io_ctx) != len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:299:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(tag);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:300:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (ctx->io->read(buffer, len, ctx->io->io_ctx) != len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:358:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header, sizeof(header), io->io_ctx) != sizeof(dta_117_strl_header_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:377:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&header, sizeof(header), io->io_ctx) != sizeof(dta_118_strl_header_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:424:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(tag, sizeof(tag), io->io_ctx) != sizeof(tag)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:455:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&strl_ptr->data[0], strl_ptr->len, io->io_ctx) != strl_ptr->len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:669:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(buf, ctx->record_len, io->io_ctx) != ctx->record_len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:733:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(header, sizeof(dta_header_t), io->io_ctx) != sizeof(dta_header_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:831:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_len, sizeof(uint16_t), io->io_ctx) != sizeof(uint16_t)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:838:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&label_len_char, sizeof(unsigned char), io->io_ctx) != sizeof(unsigned char)) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:853:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(data_label_buffer, label_len, io->io_ctx) != label_len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:861:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
label_len = strlen(data_label_buffer);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:882:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(×tamp_len, 1, io->io_ctx) != 1) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:893:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(timestamp_buffer, timestamp_len, io->io_ctx) != timestamp_len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1005:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&table_header_len, sizeof(int16_t), io->io_ctx) < sizeof(int16_t))
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1020:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(&table_header_len, sizeof(int32_t), io->io_ctx) < sizeof(int32_t))
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1029:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(labname, ctx->value_label_table_labname_len, io->io_ctx) < ctx->value_label_table_labname_len)
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1040:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(table_buffer, len, io->io_ctx) < len) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_read.c:1142:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (io->read(magic, 4, io->io_ctx) != 4) {
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:72:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint8_t len = strlen(writer->file_label);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:76:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uint16_t len = strlen(writer->file_label);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:84:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(data_label, writer->file_label, ctx->data_label_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:321:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > max_len)
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:324:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0)
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:355:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ctx->varlist[ctx->variable_name_len*i],
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:398:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ctx->fmtlist[ctx->fmtlist_entry_len*i],
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:417:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ctx->fmtlist[ctx->fmtlist_entry_len*i],
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:443:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ctx->lbllist[ctx->lbllist_entry_len*i],
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:496:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&ctx->variable_labels[ctx->variable_labels_entry_len*i],
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:530:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(writer->notes[i]);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:541:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(buffer, "_dta", ctx->ch_metadata_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:662:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(labname, r_label_set->name, ctx->value_label_table_labname_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:737:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(labname, r_label_set->name, ctx->value_label_table_labname_len);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:972:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(tag);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1023:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 2 * ctx->ch_metadata_len + strlen(writer->notes[i]) + 1
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1260:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t value_len = strlen(value);
data/r-cran-haven-2.3.1/src/readstat/stata/readstat_dta_write.c:1264:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)row, value, max_len);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_sas_commands_read.c:2908:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
parser->io->read(bytes, len, parser->io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_schema.c:29:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
readstat_copy(entry->variable.name, sizeof(entry->variable.name), var_name, strlen(var_name));
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_spss_commands_read.c:1687:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
parser->io->read(bytes, len, parser->io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_stata_dictionary_read.c:479:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
parser->io->read(bytes, len, parser->io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:55:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((bytes_read = io->read(&value_buffer[i], 1, io->io_ctx)) == 1 && value_buffer[i++] != delimiter) {
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:125:38: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ssize_t bytes_read = io->read(line_buffer, line_lens[i], io->io_ctx);
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:149:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (io->read(&throwaway, 1, io->io_ctx) == 1 && throwaway != '\n');
data/r-cran-haven-2.3.1/src/readstat/txt/readstat_txt_read.c:220:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (io->read(&throwaway_char, 1, io->io_ctx) == 1 && throwaway_char != '\n');
ANALYSIS SUMMARY:
Hits = 597
Lines analyzed = 28599 in approximately 0.85 seconds (33475 lines/second)
Physical Source Lines of Code (SLOC) = 24562
Hits@level = [0] 87 [1] 168 [2] 414 [3] 0 [4] 15 [5] 0
Hits@level+ = [0+] 684 [1+] 597 [2+] 429 [3+] 15 [4+] 15 [5+] 0
Hits/KSLOC@level+ = [0+] 27.8479 [1+] 24.3058 [2+] 17.466 [3+] 0.610699 [4+] 0.610699 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.