Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-hdf5-1.6.10/src/hdf5.c

FINAL RESULTS:

data/r-cran-hdf5-1.6.10/src/hdf5.c:77:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(name, "%s_", name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:143:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (*ptr, cstring);
data/r-cran-hdf5-1.6.10/src/hdf5.c:915:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy ((char *)ptr, CHAR (stritem));
data/r-cran-hdf5-1.6.10/src/hdf5.c:1142:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (newname,name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1442:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newname,attrName);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1832:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(newname,name);
data/r-cran-hdf5-1.6.10/src/hdf5.c:90:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *srcbuf[count];
data/r-cran-hdf5-1.6.10/src/hdf5.c:117:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char srcbuf[size * count], *srcptr = srcbuf;
data/r-cran-hdf5-1.6.10/src/hdf5.c:118:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cstring[size+1];
data/r-cran-hdf5-1.6.10/src/hdf5.c:133:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char **ptr = &(((char **) buf)[i]);
data/r-cran-hdf5-1.6.10/src/hdf5.c:615:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  ((const char **) buf)[i] = CHAR (STRING_ELT (attr, i));
data/r-cran-hdf5-1.6.10/src/hdf5.c:893:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[rowcount][size];
data/r-cran-hdf5-1.6.10/src/hdf5.c:905:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ptr, &REAL (item)[ri], sizeof (double));
data/r-cran-hdf5-1.6.10/src/hdf5.c:908:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (ptr, &INTEGER (item)[ri], sizeof (int));
data/r-cran-hdf5-1.6.10/src/hdf5.c:979:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[(sizeof (pos) * 8 / 3 + 1) + 1];
data/r-cran-hdf5-1.6.10/src/hdf5.c:997:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%u", pos);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1015:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%u", pos);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1297:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char newname[strlen(attrName) +16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1664:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char itembuf[size]; /* for overrun */
data/r-cran-hdf5-1.6.10/src/hdf5.c:1673:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (itembuf, buf + ri * size + coffset, csize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1676:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (&vecref (VECTOR_ELT (vec,ci))[ri], itembuf, dsize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1684:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (itembuf, buf + ri * size + coffset, csize); \
data/r-cran-hdf5-1.6.10/src/hdf5.c:1830:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:68:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 1; i < strlen (name); i++)
data/r-cran-hdf5-1.6.10/src/hdf5.c:72:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) == 1)
data/r-cran-hdf5-1.6.10/src/hdf5.c:100:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (destbuf, *recptr, maxlen);
data/r-cran-hdf5-1.6.10/src/hdf5.c:138:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy (cstring, srcptr, size);
data/r-cran-hdf5-1.6.10/src/hdf5.c:140:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *ptr = Calloc (strlen (cstring) + 1, char);
data/r-cran-hdf5-1.6.10/src/hdf5.c:297:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (str);
data/r-cran-hdf5-1.6.10/src/hdf5.c:732:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  H5Tset_size (stringtype, strlen (str) + 1);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1139:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1140:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(newname, '\0', strlen(name)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1297:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char newname[strlen(attrName) +16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1298:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(newname, '\0', strlen(attrName)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1441:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  Rprintf ("string length of new name =%d\n",strlen(attrName)+1);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1830:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char newname[strlen(name)+16];
data/r-cran-hdf5-1.6.10/src/hdf5.c:1831:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memset(newname, '\0', strlen(name)+16);
data/r-cran-hdf5-1.6.10/src/hdf5.c:1878:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(specificDataset) == 0)

ANALYSIS SUMMARY:

Hits = 39
Lines analyzed = 1903 in approximately 0.05 seconds (36729 lines/second)
Physical Source Lines of Code (SLOC) = 1559
Hits@level = [0]   0 [1]  15 [2]  18 [3]   0 [4]   6 [5]   0
Hits@level+ = [0+]  39 [1+]  39 [2+]  24 [3+]   6 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 25.016 [1+] 25.016 [2+] 15.3945 [3+] 3.84862 [4+] 3.84862 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
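The report's level-4 hits fall into three shapes: an in-place sprintf append (hdf5.c:77, `sprintf(name, "%s_", name)`), strcpy into a buffer whose size is decided elsewhere, and (at level 1) strncpy called with the full buffer size, which leaves no terminator when the source fills it. The C below is a constructed example added by the editor to show each shape beside the bounded form the hit text recommends; it is not code from r-cran-hdf5 or from flawfinder, and every function name and sample string in it is invented. One caveat the report's advice does not spell out: swapping sprintf for snprintf does not repair the hdf5.c:77 pattern, because source and destination overlap and the C standard makes that undefined for snprintf as well, so an in-place append needs an explicit capacity check instead.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example (editor's own, not r-cran-hdf5 code). Function names
 * and inputs are invented for illustration. */

/* Flagged shape: sprintf(name, "%s_", name). Overlapping source/destination
 * is undefined for sprintf and snprintf alike, so the fix is a bounded
 * in-place append. Returns 0 on success, -1 if the buffer is unterminated
 * within cap or has no room for "_" plus the terminator. */
int append_underscore(char *name, size_t cap)
{
    const char *nul = memchr(name, '\0', cap);   /* bounded length scan */
    if (nul == NULL)
        return -1;                               /* not terminated in cap */
    size_t len = (size_t)(nul - name);
    if (len + 2 > cap)                           /* need '_' and '\0' */
        return -1;
    name[len] = '_';
    name[len + 1] = '\0';
    return 0;
}

/* Flagged shape: strcpy(dst, src) with dst sized elsewhere. Bounded copy
 * with strlcpy semantics, written out so it does not depend on the libc
 * providing strlcpy: always terminates when cap > 0 and returns strlen(src)
 * so the caller detects truncation via (ret >= cap). */
size_t bounded_copy(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);
    if (cap == 0)
        return len;
    size_t n = len < cap ? len : cap - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return len;
}

/* Flagged shape: strncpy(dst, src, cap) with cap == sizeof dst. When src
 * is cap bytes or longer, strncpy writes no terminator. Returns 1 if the
 * result is terminated, 0 otherwise; memchr keeps the check itself from
 * over-reading the way strlen would. */
int strncpy_terminates(const char *src, char *dst, size_t cap)
{
    strncpy(dst, src, cap);
    return memchr(dst, '\0', cap) != NULL;
}

/* The non-misused form of strncpy: copy at most cap-1 bytes, then
 * terminate explicitly. */
void strncpy_safe(char *dst, size_t cap, const char *src)
{
    if (cap == 0)
        return;
    strncpy(dst, src, cap - 1);
    dst[cap - 1] = '\0';
}

int main(void)
{
    char name[8] = "abc";
    int rc = append_underscore(name, sizeof name);
    printf("append into 8-byte buffer: rc=%d name=\"%s\"\n", rc, name);

    char small[3] = "ab";                        /* already full */
    printf("append into full buffer: rc=%d\n",
           append_underscore(small, sizeof small));

    char dst[6];
    size_t need = bounded_copy(dst, sizeof dst, "dataset_name");
    printf("bounded_copy: \"%s\" truncated=%s\n", dst,
           need >= sizeof dst ? "yes" : "no");

    char raw[4];
    printf("strncpy(4, \"abcd\") terminated: %d\n",
           strncpy_terminates("abcd", raw, sizeof raw));
    strncpy_safe(raw, sizeof raw, "abcd");
    printf("strncpy_safe: \"%s\"\n", raw);
    return 0;
}
```

The `strncpy_terminates` check mirrors how a reviewer would triage the hdf5.c:100 and hdf5.c:138 hits: the question is whether the length passed is the whole buffer (then a following strlen or strcpy on the result can over-read) or one less with an explicit terminator, as in hdf5.c:118's `cstring[size+1]` plus `strncpy(cstring, srcptr, size)` where the extra byte is what makes the later `strlen(cstring)` safe if it is zeroed.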