Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/m2.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/eap.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/rpf.h
Examining data/r-cran-rpf-1.0.5+dfsg/src/RcppExports.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/glue.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.cpp
Examining data/r-cran-rpf-1.0.5+dfsg/inst/include/libifa-rpf.h

FINAL RESULTS:

data/r-cran-rpf-1.0.5+dfsg/inst/include/libifa-rpf.h:49:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char name[10];

data/r-cran-rpf-1.0.5+dfsg/src/ba81quad.cpp:288:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[SMALLBUF];

data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:436:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[SMALLBUF];

data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:443:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[SMALLBUF];

data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:463:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, ssProb.data(), sizeof(double) * outRows);

data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:915:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(observed.data(), Robserved.begin(), sizeof(double) * rows * cols);

data/r-cran-rpf-1.0.5+dfsg/src/diagnose.cpp:918:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(expected.data(), Rexpected.begin(), sizeof(double) * rows * cols);

data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp:57:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char err[ERROR_LEN];

data/r-cran-rpf-1.0.5+dfsg/src/dmvnorm.cpp:79:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char err[ERROR_LEN];

data/r-cran-rpf-1.0.5+dfsg/src/eap.cpp:108:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[SMALLBUF];

data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp:530:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nparam, param, sizeof(double) * 4);

data/r-cran-rpf-1.0.5+dfsg/src/libifa-rpf.cpp:1166:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(rawOut.data(), out, sizeof(double) * numParam);

data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp:25:28:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  for(j = 0; j < numcol && equal; j++) {

data/r-cran-rpf-1.0.5+dfsg/src/dataframe.cpp:31:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  if (!equal) {

ANALYSIS SUMMARY:

Hits = 14
Lines analyzed = 6948 in approximately 0.19 seconds (36003 lines/second)
Physical Source Lines of Code (SLOC) = 5719
Hits@level = [0]   6 [1]   2 [2]  12 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  20 [1+]  14 [2+]  12 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 3.49711 [1+] 2.44798 [2+] 2.09827 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
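The report contains three kinds of hit, and each calls for a different triage step. The memcpy hits are real only if the destination capacity and source length are not already guaranteed by the caller; the char hits are about fixed-size stack buffers that are safe only when every write into them is bounded; and the two `equal` hits in dataframe.cpp are false positives, because Flawfinder matches the token `equal` (the rule targets the two-iterator `std::equal` overload) and the flagged lines use a bool variable of that name. The following is an added example, not code from the rpf package, showing how a reviewer would harden or dismiss each pattern. Identifiers such as SMALLBUF, outRows and ssProb mirror the report, but the SMALLBUF value, the function bodies and the sample inputs are assumptions.

```cpp
// Added example (not code from the rpf package): triage of the three kinds
// of Flawfinder hits in the report above. Names mirror the report; the
// SMALLBUF value and all function bodies are assumptions.
#include <algorithm>
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

// Assumed size; the package's real SMALLBUF is not shown in the report.
static const std::size_t SMALLBUF = 64;

// memcpy hit (CWE-120), modelled on
//   memcpy(out, ssProb.data(), sizeof(double) * outRows);
// The copy is safe only if `out` holds outRows doubles and ssProb has at
// least outRows elements. Make both preconditions explicit; return the
// number of elements copied, 0 when the copy is refused.
std::size_t copyProbabilities(double *out, std::size_t outCapacity,
                              const std::vector<double> &ssProb,
                              std::size_t outRows)
{
    if (out == nullptr) return 0;
    if (outRows > outCapacity) return 0;   // destination would overflow
    if (outRows > ssProb.size()) return 0; // source would be over-read
    std::memcpy(out, ssProb.data(), sizeof(double) * outRows);
    return outRows;
}

// char hit (CWE-119/CWE-120), modelled on `char buf[SMALLBUF];`.
// snprintf bounds the write to sizeof(buf) and always NUL-terminates, but
// it truncates silently; its return value tells whether the whole message
// fit. The same-line "Flawfinder: ignore" marker suppresses the hit once
// that has been verified (flawfinder --neverignore re-enables it).
bool formatError(std::string &dest, int itemIndex, const char *itemName)
{
    char buf[SMALLBUF]; /* Flawfinder: ignore (all writes bounded by sizeof(buf)) */
    int n = std::snprintf(buf, sizeof(buf), "item %d (%s): failed", itemIndex, itemName);
    if (n < 0) return false;   // encoding error; buf contents unspecified
    dest.assign(buf);
    return static_cast<std::size_t>(n) < sizeof(buf);   // false: truncated
}

// equal hits (CWE-126). Flawfinder reports every line containing the token
// `equal`, so a bool named `equal` trips the rule although no std::equal is
// called. Renaming the variable clears the false positive without a marker
// on each affected line; the bounds check on both sizes is what matters.
bool rowsEqualLoop(const std::vector<int> &a, const std::vector<int> &b)
{
    bool same = true;
    for (std::size_t j = 0; j < a.size() && j < b.size() && same; j++) {
        if (a[j] != b[j]) same = false;
    }
    return same && a.size() == b.size();
}

// When std::equal really is used, the rule's advice applies: the
// three-iterator form reads b past its end if b is shorter than a; the
// C++14 four-iterator form is given both ends and cannot over-read.
bool rowsEqualStd(const std::vector<int> &a, const std::vector<int> &b)
{
    return std::equal(a.begin(), a.end(), b.begin(), b.end());
}

int main()
{
    std::vector<double> ssProb{0.1, 0.2, 0.3, 0.4};   // constructed sample
    double out[2] = {0.0, 0.0};
    std::printf("copy of 4 rows into 2-slot out: %zu copied\n",
                copyProbabilities(out, 2, ssProb, 4));
    std::string msg;
    bool fit = formatError(msg, 3, "abc");
    std::printf("formatError fit=%d msg=\"%s\"\n", fit ? 1 : 0, msg.c_str());
    std::printf("rowsEqualStd({1,2,3},{1,2}) = %d\n",
                rowsEqualStd({1, 2, 3}, {1, 2}) ? 1 : 0);
    return 0;
}
```

The design point is that none of the three hits is fixed by swapping the flagged function for a "safe" variant alone: the memcpy needs the caller's size contract made checkable at the call site, the fixed buffer needs every write bounded and truncation reported, and the `equal` hits need to be recognised as a token-match false positive rather than rewritten.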