Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rshapewrite.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rshapeget.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/init.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rshapewrite1.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/maptools.h
Examining data/r-cran-maptools-1.0-2+dfsg/src/insiders.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.h
Examining data/r-cran-maptools-1.0-2+dfsg/src/shptree.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rcentroid.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/pip.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/Rshapeinfo.c
Examining data/r-cran-maptools-1.0-2+dfsg/src/shapefil.h
FINAL RESULTS:
data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c:100:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Could not find file %s", CHAR(STRING_ELT(fn, 0)));
data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c:337:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (msg,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:444:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszLayer );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:458:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shp", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:462:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.SHP", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:479:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shx", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:483:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.SHX", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:740:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( pszBasename, pszLayer );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:753:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shp", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:765:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( pszFullname, "%s.shx", pszBasename );
data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[255];
data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *name[2] = {"polygon", "line"};
data/r-cran-maptools-1.0-2+dfsg/src/Rgshhs.c:98:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen (CHAR(STRING_ELT(fn, 0)), "rb");
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:218:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define ByteCopy( a, b, c ) memcpy( b, a, c )
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:459:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHP = fopen(pszFullname, pszAccess );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:463:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHP = fopen(pszFullname, pszAccess );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:480:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHX = fopen(pszFullname, pszAccess );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:484:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
psSHP->fpSHX = fopen(pszFullname, pszAccess );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:560:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+36, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+44, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:568:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+52, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:572:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+60, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:576:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+68, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:580:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+76, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:584:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+84, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:588:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &dValue, pabyBuf+92, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:627:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nOffset, pabyBuf + i * 8, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:630:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nLength, pabyBuf + i * 8 + 4, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:754:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpSHP = fopen(pszFullname, "wb" );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:766:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fpSHX = fopen(pszFullname, "wb" );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1146:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec + nRecordSize, psObject->panPartType,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1472:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &psShape->nSHPType, psSHP->pabyRec + 8, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1491:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMin), psSHP->pabyRec + 8 + 4, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1492:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMin), psSHP->pabyRec + 8 + 12, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1493:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMax), psSHP->pabyRec + 8 + 20, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1494:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMax), psSHP->pabyRec + 8 + 28, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1505:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nPoints, psSHP->pabyRec + 40 + 8, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1506:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nParts, psSHP->pabyRec + 36 + 8, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1527:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->panPartStart, psSHP->pabyRec + 44 + 8, (size_t) (4 * nParts) );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1540:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->panPartType, psSHP->pabyRec + nOffset, (size_t) (4*nParts) );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1554:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfX + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1558:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfY + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1575:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMin), psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1576:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMax), psSHP->pabyRec + nOffset + 8, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1583:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1599:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMin), psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1600:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMax), psSHP->pabyRec + nOffset + 8, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1607:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1625:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &nPoints, psSHP->pabyRec + 44, 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1636:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfX+i, psSHP->pabyRec + 48 + 16 * i, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1637:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(psShape->padfY+i, psSHP->pabyRec + 48 + 16 * i + 8, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1648:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMin), psSHP->pabyRec + 8 + 4, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1649:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMin), psSHP->pabyRec + 8 + 12, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1650:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfXMax), psSHP->pabyRec + 8 + 20, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1651:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfYMax), psSHP->pabyRec + 8 + 28, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1663:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMin), psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1664:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfZMax), psSHP->pabyRec + nOffset + 8, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1671:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1687:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMin), psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1688:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(psShape->dfMMax), psSHP->pabyRec + nOffset + 8, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1695:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM + i,
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1717:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfX, psSHP->pabyRec + 12, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1718:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfY, psSHP->pabyRec + 20, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1730:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfZ, psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:1745:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psShape->padfM, psSHP->pabyRec + nOffset, 8 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:139:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psTreeNode->adfBoundsMin, padfBoundsMin, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:142:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( psTreeNode->adfBoundsMax, padfBoundsMax, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:350:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( padfBoundsMin1, padfBoundsMinIn, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:351:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( padfBoundsMax1, padfBoundsMaxIn, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( padfBoundsMin2, padfBoundsMinIn, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:353:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( padfBoundsMax2, padfBoundsMaxIn, sizeof(double) * 4 );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:707:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
temp = ((unsigned char *) wordP)[i];
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:708:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)wordP)[i] = ((unsigned char *) wordP)[length-i-1];
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:708:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *)wordP)[i] = ((unsigned char *) wordP)[length-i-1];
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:709:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned char *) wordP)[length-i-1] = temp;
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:811:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char abyBuf[16];
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:903:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec, &offset, 4);
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:906:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+ 4, node->adfBoundsMin+0, sizeof(double) );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:907:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+12, node->adfBoundsMin+1, sizeof(double) );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:908:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+20, node->adfBoundsMax+0, sizeof(double) );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:909:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+28, node->adfBoundsMax+1, sizeof(double) );
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:911:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+36, &node->nShapeCount, 4);
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:913:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+40, node->panShapeIds, (size_t) j);
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:914:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( pabyRec+j+40, &node->nSubNodes, 4);
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:932:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4] = "SQT";
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:934:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char abyBuf[32];
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:940:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "wb");
data/r-cran-maptools-1.0-2+dfsg/src/shptree.c:958:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( abyBuf+0, signature, 3 );
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:443:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc((size_t) (strlen(pszLayer)+5));
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:445:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = (int) strlen(pszBasename)-1;
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:457:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc((size_t) (strlen(pszBasename) + 5));
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:739:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszBasename = (char *) malloc((size_t) (strlen(pszLayer)+5));
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:741:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for( i = (int) strlen(pszBasename)-1;
data/r-cran-maptools-1.0-2+dfsg/src/shpopen.c:752:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pszFullname = (char *) malloc((size_t) (strlen(pszBasename) + 5));
ANALYSIS SUMMARY:
Hits = 94
Lines analyzed = 5238 in approximately 0.18 seconds (28396 lines/second)
Physical Source Lines of Code (SLOC) = 3030
Hits@level = [0] 16 [1] 6 [2] 78 [3] 0 [4] 10 [5] 0
Hits@level+ = [0+] 110 [1+] 94 [2+] 88 [3+] 10 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 36.3036 [1+] 31.0231 [2+] 29.0429 [3+] 3.30033 [4+] 3.30033 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.