Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-hdf5-1.6.10/src/hdf5.c
FINAL RESULTS:
data/r-cran-hdf5-1.6.10/src/hdf5.c:77:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(name, "%s_", name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:143:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*ptr, cstring);
data/r-cran-hdf5-1.6.10/src/hdf5.c:915:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)ptr, CHAR (stritem));
data/r-cran-hdf5-1.6.10/src/hdf5.c:1142:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (newname,name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1442:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,attrName);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1832:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newname,name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:90:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *srcbuf[count];
data/r-cran-hdf5-1.6.10/src/hdf5.c:117:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char srcbuf[size * count], *srcptr = srcbuf;
data/r-cran-hdf5-1.6.10/src/hdf5.c:118:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cstring[size+1];
data/r-cran-hdf5-1.6.10/src/hdf5.c:133:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char **ptr = &(((char **) buf)[i]);
data/r-cran-hdf5-1.6.10/src/hdf5.c:615:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((const char **) buf)[i] = CHAR (STRING_ELT (attr, i));
data/r-cran-hdf5-1.6.10/src/hdf5.c:893:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[rowcount][size];
data/r-cran-hdf5-1.6.10/src/hdf5.c:905:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, &REAL (item)[ri], sizeof (double));
data/r-cran-hdf5-1.6.10/src/hdf5.c:908:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, &INTEGER (item)[ri], sizeof (int));
data/r-cran-hdf5-1.6.10/src/hdf5.c:979:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[(sizeof (pos) * 8 / 3 + 1) + 1];
data/r-cran-hdf5-1.6.10/src/hdf5.c:997:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%u", pos);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1015:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buf, "%u", pos);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1139:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1297:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[strlen(attrName) +16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1664:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char itembuf[size]; /* for overrun */
data/r-cran-hdf5-1.6.10/src/hdf5.c:1673:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (itembuf, buf + ri * size + coffset, csize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1676:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&vecref (VECTOR_ELT (vec,ci))[ri], itembuf, dsize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (itembuf, buf + ri * size + coffset, csize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1830:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:68:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 1; i < strlen (name); i++)
data/r-cran-hdf5-1.6.10/src/hdf5.c:72:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 1)
data/r-cran-hdf5-1.6.10/src/hdf5.c:100:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (destbuf, *recptr, maxlen);
data/r-cran-hdf5-1.6.10/src/hdf5.c:138:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (cstring, srcptr, size);
data/r-cran-hdf5-1.6.10/src/hdf5.c:140:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*ptr = Calloc (strlen (cstring) + 1, char);
data/r-cran-hdf5-1.6.10/src/hdf5.c:297:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (str);
data/r-cran-hdf5-1.6.10/src/hdf5.c:732:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
H5Tset_size (stringtype, strlen (str) + 1);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1139:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1140:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(newname, '\0', strlen(name)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1297:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char newname[strlen(attrName) +16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1298:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(newname, '\0', strlen(attrName)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1441:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Rprintf ("string length of new name =%d\n",strlen(attrName)+1);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1830:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1831:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memset(newname, '\0', strlen(name)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1878:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(specificDataset) == 0)
ANALYSIS SUMMARY:
Hits = 39
Lines analyzed = 1903 in approximately 0.05 seconds (36729 lines/second)
Physical Source Lines of Code (SLOC) = 1559
Hits@level = [0] 0 [1] 15 [2] 18 [3] 0 [4] 6 [5] 0
Hits@level+ = [0+] 39 [1+] 39 [2+] 24 [3+] 6 [4+] 6 [5+] 0
Hits/KSLOC@level+ = [0+] 25.016 [1+] 25.016 [2+] 15.3945 [3+] 3.84862 [4+] 3.84862 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.