Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/r-cran-matrixstats-0.57.0/src/rowSums2_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/signTabulate.c Examining data/r-cran-matrixstats-0.57.0/src/rowMads_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/diff2.c Examining data/r-cran-matrixstats-0.57.0/src/validateIndices.c Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2.c Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowCummaxs_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/diff2_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/sum2.c Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y.c Examining data/r-cran-matrixstats-0.57.0/src/logSumExp_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/colRanges_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies.c Examining data/r-cran-matrixstats-0.57.0/src/validateIndices_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowCummins_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/colCounts_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/colRanges.c Examining data/r-cran-matrixstats-0.57.0/src/rowRanges_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats.c Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/000.templates-types.h Examining data/r-cran-matrixstats-0.57.0/src/logSumExp.c Examining data/r-cran-matrixstats-0.57.0/src/sum2_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/binCounts_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowVars_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-matrix-vector.h Examining data/r-cran-matrixstats-0.57.0/src/rowCounts.c Examining data/r-cran-matrixstats-0.57.0/src/rowSums2.c Examining data/r-cran-matrixstats-0.57.0/src/mean2_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-vector.h Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/mean2.c Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowMedians_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/diff2_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/000.templates-types_undef.h Examining data/r-cran-matrixstats-0.57.0/src/rowCummins.c Examining data/r-cran-matrixstats-0.57.0/src/rowRanksWithTies_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/colOrderStats_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/productExpSumLog.c Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowVars_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowVars.c Examining data/r-cran-matrixstats-0.57.0/src/rowCummaxs.c Examining data/r-cran-matrixstats-0.57.0/src/signTabulate_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/indexByRow.c Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/binCounts.c Examining data/r-cran-matrixstats-0.57.0/src/binMeans.c Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowCounts_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/anyMissing_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowSums2_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/binCounts_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowMads_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/mean2_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/000.utils.h Examining data/r-cran-matrixstats-0.57.0/src/rowCounts_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowMedians_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/psortKM.c Examining data/r-cran-matrixstats-0.57.0/src/sum2_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/colCounts.c Examining data/r-cran-matrixstats-0.57.0/src/logSumExp_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumprods.c Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs.c Examining data/r-cran-matrixstats-0.57.0/src/x_OP_y_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/binMeans_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/allocMatrix2.c Examining data/r-cran-matrixstats-0.57.0/src/rowMads.c Examining data/r-cran-matrixstats-0.57.0/src/000.init.c Examining data/r-cran-matrixstats-0.57.0/src/weightedMean.c Examining data/r-cran-matrixstats-0.57.0/src/000.types.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumMinMaxs_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowMedians.c Examining data/r-cran-matrixstats-0.57.0/src/weightedMean_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowRanges_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/colCounts_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/rowCumsums.c Examining data/r-cran-matrixstats-0.57.0/src/weightedMedian.c Examining data/r-cran-matrixstats-0.57.0/src/000.macros.h Examining data/r-cran-matrixstats-0.57.0/src/rowOrderStats.c Examining data/r-cran-matrixstats-0.57.0/src/rowLogSumExp.c Examining data/r-cran-matrixstats-0.57.0/src/rowRanges.c Examining data/r-cran-matrixstats-0.57.0/src/anyMissing_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/000.templates-gen-matrix.h Examining data/r-cran-matrixstats-0.57.0/src/rowMeans2_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/anyMissing.c Examining data/r-cran-matrixstats-0.57.0/src/binMeans_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/000.api.h Examining data/r-cran-matrixstats-0.57.0/src/weightedMean_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/colRanges_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/signTabulate_lowlevel.h Examining data/r-cran-matrixstats-0.57.0/src/rowDiffs_lowlevel_template.h Examining data/r-cran-matrixstats-0.57.0/src/validateIndices_lowlevel_template.h FINAL RESULTS: data/r-cran-matrixstats-0.57.0/src/validateIndices.c:206:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(INTEGER(ans), cidxs, ansNidxs*sizeof(int)); data/r-cran-matrixstats-0.57.0/src/validateIndices.c:214:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(REAL(ans), cidxs, ansNidxs*sizeof(double)); ANALYSIS SUMMARY: Hits = 2 Lines analyzed = 10147 in approximately 0.45 seconds (22644 lines/second) Physical Source Lines of Code (SLOC) = 5812 Hits@level = [0] 0 [1] 0 [2] 2 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 2 [1+] 2 [2+] 2 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 0.344116 [1+] 0.344116 [2+] 0.344116 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.