Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/num_to_char.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/r-base64.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/base64.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/register.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/integer64_to_na.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/modp_stdint.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/parse.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/row_collapse.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/escape_chars.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/null_to_na.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/push_parser.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/transpose_list.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/is_datelist.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/push_parser.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/prettify.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_array.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_version.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_alloc.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_lex.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_lex.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_alloc.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_buf.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_bytestack.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_buf.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/api/yajl_parse.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/api/yajl_common.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/api/yajl_tree.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/api/yajl_gen.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/api/yajl_version.h
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/validate.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/is_scalarlist.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/is_recordlist.c
Examining data/r-cran-jsonlite-1.7.1+dfsg/src/base64.h

FINAL RESULTS:

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:96:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat((char *) str, errorType);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:100:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat((char *) str, errorText);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:137:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat((char *) newStr, (char *) str);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:138:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat((char *) newStr, text);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:139:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat((char *) newStr, arrow);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:35:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf sprintf_s

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:61:13:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf ((ctx)->errbuf, (ctx)->errbuf_size, __VA_ARGS__); \

data/r-cran-jsonlite-1.7.1+dfsg/src/base64.c:11:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char base64_table[64] =

data/r-cran-jsonlite-1.7.1+dfsg/src/base64.c:95:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char dtable[256], *out, *pos, in[4], block[4], tmp;

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_array.c:23:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(++s, translateCharUTF8(STRING_ELT(x, i)), size);

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:31:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(++s, translateCharUTF8(STRING_ELT(x, i)), size);

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:39:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(++s, translateCharUTF8(STRING_ELT(y, i)), size);

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:15:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*cur, val, n);

data/r-cran-jsonlite-1.7.1+dfsg/src/escape_chars.c:90:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outcur, "\\u%04x", *cur);

data/r-cran-jsonlite-1.7.1+dfsg/src/integer64_to_na.c:9:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];

data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.c:164:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%e", neg ? -value : value);

data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.c:268:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%e", neg ? -value : value);

data/r-cran-jsonlite-1.7.1+dfsg/src/num_to_char.c:11:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];

data/r-cran-jsonlite-1.7.1+dfsg/src/num_to_char.c:71:11:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ".0");

data/r-cran-jsonlite-1.7.1+dfsg/src/parse.c:33:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[1024];

data/r-cran-jsonlite-1.7.1+dfsg/src/parse.c:59:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[32];

data/r-cran-jsonlite-1.7.1+dfsg/src/push_parser.c:12:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errbuf[bufsize];

data/r-cran-jsonlite-1.7.1+dfsg/src/r-base64.c:29:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(RAW(res), out, outlen);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl.c:67:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *) &(hand->alloc), (void *) afs, sizeof(yajl_alloc_funcs));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_buf.c:76:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf->data + buf->used, data, len);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hexBuf[7];

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.c:124:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char utf8Buf[5];

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:119:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((void *) &(g->alloc), (void *) afs, sizeof(yajl_alloc_funcs));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char i[32];

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:213:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(i, "%lld", number);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:229:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char i[32];

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:233:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(i, "%.20g", number);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:235:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(i, ".0");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_lex.c:138:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char charLookupTable[256] =

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[72];

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:97:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat((char *) str, " error");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:99:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat((char *) str, ": ");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:292:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(v->u.string, string, string_length);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:313:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(v->u.number.r, string, string_length);

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_array.c:13:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_array.c:22:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:17:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:18:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(y, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:30:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_object.c:38:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(translateCharUTF8(STRING_ELT(y, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:14:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen(val);

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:36:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:37:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(y, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:87:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/collapse_pretty.c:138:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar_total += strlen(translateCharUTF8(STRING_ELT(x, i)));

data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.c:165:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strlen(str);

data/r-cran-jsonlite-1.7.1+dfsg/src/modp_numtoa.c:269:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strlen(str);

data/r-cran-jsonlite-1.7.1+dfsg/src/num_to_char.c:70:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(always_dec && strspn(buf, "0123456789-") == strlen(buf)){

data/r-cran-jsonlite-1.7.1+dfsg/src/prettify.c:112:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t rd = strlen(json);

data/r-cran-jsonlite-1.7.1+dfsg/src/push_parser.c:68:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(errbuf, (char *) errstr, bufsize - 1);

data/r-cran-jsonlite-1.7.1+dfsg/src/validate.c:25:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t rd = strlen(json);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.c:69:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  print(ctx, escaped, (unsigned int)strlen(escaped));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_encode.c:171:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  yajl_buf_append(buf, unescaped, (unsigned int)strlen(unescaped));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:133:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sep != NULL) g->print(g->ctx, sep, strlen(sep));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:160:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (unsigned int)strlen(g->indentString)); \

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:214:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g->print(g->ctx, i, (unsigned int)strlen(i));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:234:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strspn(i, "0123456789-") == strlen(i)) {

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:237:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g->print(g->ctx, i, (unsigned int)strlen(i));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:278:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g->print(g->ctx, "null", strlen("null"));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_gen.c:290:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g->print(g->ctx, val, (unsigned int)strlen(val));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:87:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memneeded += strlen(errorType);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:88:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memneeded += strlen(" error");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:90:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memneeded += strlen(": ");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:91:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memneeded += strlen(errorText);

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:102:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat((char *) str, "\n");

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:132:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  YA_MALLOC(&(hand->alloc), (unsigned int)(strlen((char *) str) +

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:133:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen((char *) text) +

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_parser.c:134:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(arrow) + 1));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:320:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(v->u.number.r));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:443:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen (input));

data/r-cran-jsonlite-1.7.1+dfsg/src/yajl/yajl_tree.c:454:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(input));

ANALYSIS SUMMARY:

Hits = 76
Lines analyzed = 5701 in approximately 0.16 seconds (34698 lines/second)
Physical Source Lines of Code (SLOC) = 3793
Hits@level = [0]  10 [1]  37 [2]  32 [3]   0 [4]   7 [5]   0
Hits@level+ = [0+]  86 [1+]  76 [2+]  39 [3+]   7 [4+]   7 [5+]   0
Hits/KSLOC@level+ = [0+] 22.6733 [1+] 20.0369 [2+] 10.2821 [3+] 1.8455 [4+] 1.8455 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
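Reading the results: the level-4 hits cluster in the error-string assembly in yajl/yajl_parser.c (strlen accounting into memneeded at lines 87-91 and 132-134, then a strcat chain at 96-102 and 137-139) and in two yajl/yajl_tree.c lines that match the rule on the name snprintf, one of which (line 35) is the macro definition "#define snprintf sprintf_s" rather than a call. The level-1 strncpy hit at push_parser.c:68 copies bufsize - 1 bytes, so whether errbuf ends up NUL-terminated depends on code outside the flagged line. Flawfinder matches function names; it does not see the size arithmetic that makes a strcat chain safe or unsafe, which is why these need a human check. The block below is an added example, not jsonlite or yajl code: it shows the two patterns a reviewer would compare against these hits, a length-accounted build where the snprintf return value is checked against the allocation, and a bounded copy that always terminates and reports truncation. The message layout "<type> error: <text>\n" is assumed from the strlen/strcat sequence in the report; the function names and sample strings are illustrative.

```c
/* Added example (not jsonlite or yajl code): bounded string-building
 * patterns matching the strcat/strlen and strncpy hits in the report.
 * Assumption: the message layout "<type> error[: <text>]\n" is inferred
 * from the strlen/strcat sequence in the yajl_parser.c hits. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Build "<type> error[: <text>]\n" in an exactly-sized heap buffer.
 * The strlen accounting is the same idea as the flagged memneeded
 * sequence; snprintf replaces the strcat chain, and its return value is
 * compared with the allocation so a miscount fails loudly instead of
 * overflowing. Returns NULL on allocation failure or size mismatch;
 * the caller frees the result. */
char *build_error_message(const char *type, const char *text)
{
    size_t need = strlen(type) + strlen(" error") + strlen("\n") + 1; /* +1: NUL */
    if (text != NULL)
        need += strlen(": ") + strlen(text);

    char *msg = malloc(need);
    if (msg == NULL)
        return NULL;

    int written = (text != NULL)
        ? snprintf(msg, need, "%s error: %s\n", type, text)
        : snprintf(msg, need, "%s error\n", type);

    /* snprintf reports the full length the string needs; anything other
     * than need - 1 means the size computation and the format disagree,
     * which is exactly the class of bug strcat would have hidden. */
    if (written < 0 || (size_t)written != need - 1) {
        free(msg);
        return NULL;
    }
    return msg;
}

/* The strncpy hazard behind the push_parser.c:68 hit: when src has at
 * least n bytes, strncpy writes no terminator. The buffer is poisoned
 * with 'X' first so an absent NUL is visible. Returns true only if
 * dst[n-1] is NUL after the copy. */
bool strncpy_terminates(const char *src, size_t n)
{
    char dst[64];
    if (n == 0 || n > sizeof dst)
        return false;
    memset(dst, 'X', sizeof dst);
    strncpy(dst, src, n);
    return dst[n - 1] == '\0';
}

/* Bounded copy that always NUL-terminates (for dstsize > 0) and reports
 * truncation instead of hiding it. snprintf("%s") is used rather than
 * strncpy precisely because it guarantees the terminator.
 * Returns true if src did not fit. */
bool copy_bounded(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return true;                 /* nothing written: treat as truncated */
    int need = snprintf(dst, dstsize, "%s", src);
    return need < 0 || (size_t)need >= dstsize;
}

/* Check helper: copy src into a dstsize-byte local buffer and return 1
 * if both the resulting string and the truncation flag match. */
int copy_bounded_yields(size_t dstsize, const char *src,
                        const char *expect, bool expect_trunc)
{
    char dst[16];
    if (dstsize == 0 || dstsize > sizeof dst)
        return 0;
    bool trunc = copy_bounded(dst, dstsize, src);
    return trunc == expect_trunc && strcmp(dst, expect) == 0;
}

int main(void)
{
    char *m = build_error_message("parse", "unexpected token");
    if (m != NULL) { fputs(m, stdout); free(m); }

    printf("strncpy(\"abc\", 4) terminates:  %d\n", strncpy_terminates("abc", 4));
    printf("strncpy(\"abcd\", 4) terminates: %d\n", strncpy_terminates("abcd", 4));

    char buf[8];
    bool trunc = copy_bounded(buf, sizeof buf, "a much longer error string");
    printf("copy_bounded -> \"%s\" (truncated=%d)\n", buf, trunc);
    return 0;
}
```

The point of the size check in build_error_message is that it turns the report's level-4 "does not check for buffer overflows" into something a test can exercise: change the format string without changing the accounting and the function returns NULL rather than writing past the allocation. The strncpy_terminates pair shows the exact boundary the level-1 hit is about, a source of n-1 bytes terminates and a source of n bytes does not.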