Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-rncl-0.8.4/src/nxsunalignedblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxstaxaassociationblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsdistancedatum.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsexception.cpp
Examining data/r-cran-rncl-0.8.4/src/GetNCL.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsdatablock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsreader.cpp
Examining data/r-cran-rncl-0.8.4/src/ncl/nxscxxdiscretematrix.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdefs.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsmultiformat.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsemptyblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsexception.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxstaxablock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxscdiscretematrix.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxspublicblocks.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdistancedatum.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsindent.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxstoken.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdiscretedatum.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsallocatematrix.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsassumptionsblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxscharactersblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdiscretematrix.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxstaxaassociationblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdistancesblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxstreesblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsdatablock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsunalignedblock.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxssetreader.h
Examining data/r-cran-rncl-0.8.4/src/ncl/ncl.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsutilcopy.h
Examining data/r-cran-rncl-0.8.4/src/ncl/nxsreader.h
Examining data/r-cran-rncl-0.8.4/src/collapse_singles.cpp
Examining data/r-cran-rncl-0.8.4/src/nxspublicblocks.cpp
Examining data/r-cran-rncl-0.8.4/src/nxstoken.cpp
Examining data/r-cran-rncl-0.8.4/src/nxstaxablock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsemptyblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxssetreader.cpp
Examining data/r-cran-rncl-0.8.4/src/nxstreesblock.cpp
Examining data/r-cran-rncl-0.8.4/src/rncl_init.c
Examining data/r-cran-rncl-0.8.4/src/nxsstring.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsmultiformat.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsassumptionsblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxscharactersblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxsdistancesblock.cpp
Examining data/r-cran-rncl-0.8.4/src/nxscxxdiscretematrix.cpp
Examining data/r-cran-rncl-0.8.4/src/RcppExports.cpp

FINAL RESULTS:

data/r-cran-rncl-0.8.4/src/nxscharactersblock.cpp:5237:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, sfo.c_str());
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:255:16:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that
  sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # if !defined(vsnprintf)
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:256:12:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that
  sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf_s
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:258:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  # define sprintf sprintf_s
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:260:16:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that
  sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:293:17:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that
  sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int nAdded = vsnprintf(buf, kInitialBufferSize, formatStr, argList);
data/r-cran-rncl-0.8.4/src/GetNCL.cpp:16:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char buffer[100];
data/r-cran-rncl-0.8.4/src/GetNCL.cpp:17:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(buffer, "%.10f", state);
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:443:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char s[2];
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:467:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char tmp[81];
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:468:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%d", i);
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:502:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char tmp[81];
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:503:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%u", i);
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:514:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char tmp[81];
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:515:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%ld", l);
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:526:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char tmp[81];
data/r-cran-rncl-0.8.4/src/ncl/nxsstring.h:527:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%lu", l);
data/r-cran-rncl-0.8.4/src/ncl/nxstoken.h:479:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char whitespace[4]; /* stores the 3 whitespace characters: blank space, tab and newline */
data/r-cran-rncl-0.8.4/src/ncl/nxsutilcopy.h:219:22:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  return (OutIt) std::memcpy(resultP, first, ((std::size_t) (last - first)) * sizeof(*first));
data/r-cran-rncl-0.8.4/src/nxsmultiformat.cpp:1324:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of
  special file type (e.g., device files), move things around to create a race condition, control
  its ancestors, or change its contents? (CWE-362).
  inf.open(filepath, std::ios::binary);
data/r-cran-rncl-0.8.4/src/nxspublicblocks.cpp:692:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of
  special file type (e.g., device files), move things around to create a race condition, control
  its ancestors, or change its contents? (CWE-362).
  inf.open(fn.c_str());
data/r-cran-rncl-0.8.4/src/nxspublicblocks.cpp:720:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of
  special file type (e.g., device files), move things around to create a race condition, control
  its ancestors, or change its contents? (CWE-362).
  tnf.open(fn);
data/r-cran-rncl-0.8.4/src/nxsreader.cpp:108:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of
  special file type (e.g., device files), move things around to create a race condition, control
  its ancestors, or change its contents? (CWE-362).
  inf.open(filename, ios::binary);
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:211:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char tmp[81];
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:216:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  std::sprintf(tmp, "%#3.6f", d);
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:240:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char s[2];
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:279:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char buf[kInitialBufferSize];
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:490:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other
  issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure
  that the size is larger than the maximum possible length.
  char fmtstr[81];
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:491:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(fmtstr, "%%.%df", p);
data/r-cran-rncl-0.8.4/src/nxsmultiformat.cpp:248:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inf.read(buffer, inbuffer);
data/r-cran-rncl-0.8.4/src/nxsmultiformat.cpp:272:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inf.read(buffer + offset, inbuffer);
data/r-cran-rncl-0.8.4/src/nxsmultiformat.cpp:718:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  const unsigned lenFirstWord = (unsigned const)strlen(firstWord);
data/r-cran-rncl-0.8.4/src/nxsreader.cpp:237:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  bool emptyTitle = strlen(title) == 0;
data/r-cran-rncl-0.8.4/src/nxsstring.cpp:217:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read
  (it could cause a crash if unprotected) (CWE-126).
  unsigned tmplen = (unsigned)strlen(tmp);

ANALYSIS SUMMARY:

Hits = 34
Lines analyzed = 31405 in approximately 0.89 seconds (35198 lines/second)
Physical Source Lines of Code (SLOC) = 23175
Hits@level = [0]   0 [1]   5 [2]  23 [3]   0 [4]   6 [5]   0
Hits@level+ = [0+]  34 [1+]  34 [2+]  29 [3+]   6 [4+]   6 [5+]   0
Hits/KSLOC@level+ = [0+] 1.4671 [1+] 1.4671 [2+] 1.25135 [3+] 0.2589 [4+] 0.2589 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.