Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-kernlab-0.9-29/src/dtrqsol.c
Examining data/r-cran-kernlab-0.9-29/src/esa.h
Examining data/r-cran-kernlab-0.9-29/src/stack.h
Examining data/r-cran-kernlab-0.9-29/src/errorcode.h
Examining data/r-cran-kernlab-0.9-29/src/lcp.h
Examining data/r-cran-kernlab-0.9-29/src/dspcg.c
Examining data/r-cran-kernlab-0.9-29/src/iweightfactory.h
Examining data/r-cran-kernlab-0.9-29/src/isafactory.h
Examining data/r-cran-kernlab-0.9-29/src/dtrpcg.c
Examining data/r-cran-kernlab-0.9-29/src/inductionsort.h
Examining data/r-cran-kernlab-0.9-29/src/lcp.cpp
Examining data/r-cran-kernlab-0.9-29/src/cweight.cpp
Examining data/r-cran-kernlab-0.9-29/src/expdecayweight.cpp
Examining data/r-cran-kernlab-0.9-29/src/wkasailcp.h
Examining data/r-cran-kernlab-0.9-29/src/init.c
Examining data/r-cran-kernlab-0.9-29/src/ilcpfactory.h
Examining data/r-cran-kernlab-0.9-29/src/dgpnrm.c
Examining data/r-cran-kernlab-0.9-29/src/dbreakpt.c
Examining data/r-cran-kernlab-0.9-29/src/dcauchy.c
Examining data/r-cran-kernlab-0.9-29/src/svm.cpp
Examining data/r-cran-kernlab-0.9-29/src/brweight.cpp
Examining data/r-cran-kernlab-0.9-29/src/svm.h
Examining data/r-cran-kernlab-0.9-29/src/cweight.h
Examining data/r-cran-kernlab-0.9-29/src/ctable.h
Examining data/r-cran-kernlab-0.9-29/src/esa.cpp
Examining data/r-cran-kernlab-0.9-29/src/expdecayweight.h
Examining data/r-cran-kernlab-0.9-29/src/dprecond.c
Examining data/r-cran-kernlab-0.9-29/src/solvebqp.c
Examining data/r-cran-kernlab-0.9-29/src/wmsufsort.h
Examining data/r-cran-kernlab-0.9-29/src/dtron.c
Examining data/r-cran-kernlab-0.9-29/src/brweight.h
Examining data/r-cran-kernlab-0.9-29/src/msufsort.h
Examining data/r-cran-kernlab-0.9-29/src/dprsrch.c
Examining data/r-cran-kernlab-0.9-29/src/stringkernel.cpp
Examining data/r-cran-kernlab-0.9-29/src/datatype.h
Examining data/r-cran-kernlab-0.9-29/src/inductionsort.cpp
Examining data/r-cran-kernlab-0.9-29/src/wkasailcp.cpp
Examining data/r-cran-kernlab-0.9-29/src/introsort.h
Examining data/r-cran-kernlab-0.9-29/src/ctable.cpp
Examining data/r-cran-kernlab-0.9-29/src/misc.c
Examining data/r-cran-kernlab-0.9-29/src/kspectrumweight.h
Examining data/r-cran-kernlab-0.9-29/src/wmsufsort.cpp
Examining data/r-cran-kernlab-0.9-29/src/dgpstep.c
Examining data/r-cran-kernlab-0.9-29/src/stringkernel.h
Examining data/r-cran-kernlab-0.9-29/src/msufsort.cpp
Examining data/r-cran-kernlab-0.9-29/src/stringk.c
Examining data/r-cran-kernlab-0.9-29/src/kspectrumweight.cpp

FINAL RESULTS:

data/r-cran-kernlab-0.9-29/src/dprecond.c:14:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(L, A, sizeof(double)*n*n);
data/r-cran-kernlab-0.9-29/src/dprecond.c:18:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(L, A, sizeof(double)*n*n);
data/r-cran-kernlab-0.9-29/src/dprsrch.c:128:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(w, wa1, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtron.c:138:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(xc, x, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtron.c:155:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wa, g, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtron.c:225:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(x, xc, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtrpcg.c:143:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, r, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtrpcg.c:161:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(z, p, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/dtrpcg.c:167:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(z, q, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/msufsort.cpp:47:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char array[10] = {'a', 'e', 'i', 'o', 'u', 'A', 'E', 'I', 'O', 'U'};
data/r-cran-kernlab-0.9-29/src/msufsort.h:270:38: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  union {unsigned short u; unsigned char b[2];} u16;
data/r-cran-kernlab-0.9-29/src/solvebqp.c:29:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(g, g0, sizeof(double)*n);
data/r-cran-kernlab-0.9-29/src/stack.h:163:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *)newStack, m_stack, bytesToCopy);
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:484:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ltext_size, INTEGER(vnlchar), number_ltext*sizeof(int));
data/r-cran-kernlab-0.9-29/src/svm.cpp:24:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *)dst,(void *)src,sizeof(T)*n);
data/r-cran-kernlab-0.9-29/src/svm.cpp:3906:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (param.weight, REAL(weights), param.nr_weight * sizeof(double));
data/r-cran-kernlab-0.9-29/src/svm.cpp:3908:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (param.weight_label, INTEGER(weightlabels), param.nr_weight * sizeof(int));
data/r-cran-kernlab-0.9-29/src/svm.cpp:3918:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(prob.y, REAL(y), prob.l*sizeof(double));
data/r-cran-kernlab-0.9-29/src/svm.cpp:3930:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(weighted_C, REAL(weightedc), nr_class*sizeof(double));
data/r-cran-kernlab-0.9-29/src/svm.cpp:3939:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(count, INTEGER(countc), nr_class*sizeof(int));
data/r-cran-kernlab-0.9-29/src/svm.cpp:4208:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (param.weight, REAL(weights), param.nr_weight * sizeof(double));
data/r-cran-kernlab-0.9-29/src/svm.cpp:4210:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (param.weight_label, INTEGER(weightlabels), param.nr_weight * sizeof(int));
data/r-cran-kernlab-0.9-29/src/wmsufsort.cpp:77:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(text_copy, text, sizeof(SYMBOL) * len);
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:494:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(text)!= text_size)
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:495:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_size= strlen(text);
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:507:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(pattern)!=ltext_size[i])
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:508:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltext_size[i]= strlen(pattern);
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:514:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(pattern)!=ltext_size[i])
data/r-cran-kernlab-0.9-29/src/stringkernel.cpp:515:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltext_size[i]= strlen(pattern);

ANALYSIS SUMMARY:

Hits = 29
Lines analyzed = 11795 in approximately 0.27 seconds (43854 lines/second)
Physical Source Lines of Code (SLOC) = 6927
Hits@level = [0] 0 [1] 6 [2] 23 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 29 [1+] 29 [2+] 23 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 4.18652 [1+] 4.18652 [2+] 3.32034 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.