Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-action.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-action.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-application.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-application.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-collection.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-collection.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-component.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-component.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-constants.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-document.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-document.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-editabletext.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-editabletext.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-gmain.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-gmain.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-hyperlink.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-hyperlink.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-hypertext.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-hypertext.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-image.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-image.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-misc-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-misc.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-misc.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-mutter-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-mutter.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-object.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-object.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-private.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-registry.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-registry.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-relation.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-relation.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-selection.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-selection.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-stateset.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-stateset.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-table-cell.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-table-cell.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-table.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-table.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-text.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-text.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-types.h
Examining data/at-spi2-core-2.38.0/atspi/atspi-value.c
Examining data/at-spi2-core-2.38.0/atspi/atspi-value.h
Examining data/at-spi2-core-2.38.0/atspi/atspi.h
Examining data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c
Examining data/at-spi2-core-2.38.0/dbind/dbind-any.c
Examining data/at-spi2-core-2.38.0/dbind/dbind-any.h
Examining data/at-spi2-core-2.38.0/dbind/dbind.c
Examining data/at-spi2-core-2.38.0/dbind/dbind.h
Examining data/at-spi2-core-2.38.0/dbind/dbtest.c
Examining data/at-spi2-core-2.38.0/registryd/de-marshaller.c
Examining data/at-spi2-core-2.38.0/registryd/de-marshaller.h
Examining data/at-spi2-core-2.38.0/registryd/de-types.h
Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c
Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c
Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.h
Examining data/at-spi2-core-2.38.0/registryd/display.c
Examining data/at-spi2-core-2.38.0/registryd/display.h
Examining data/at-spi2-core-2.38.0/registryd/event-source.c
Examining data/at-spi2-core-2.38.0/registryd/event-source.h
Examining data/at-spi2-core-2.38.0/registryd/introspection.c
Examining data/at-spi2-core-2.38.0/registryd/introspection.h
Examining data/at-spi2-core-2.38.0/registryd/keymasks.h
Examining data/at-spi2-core-2.38.0/registryd/paths.h
Examining data/at-spi2-core-2.38.0/registryd/reentrant-list.c
Examining data/at-spi2-core-2.38.0/registryd/reentrant-list.h
Examining data/at-spi2-core-2.38.0/registryd/registry-main.c
Examining data/at-spi2-core-2.38.0/registryd/registry.c
Examining data/at-spi2-core-2.38.0/registryd/registry.h
Examining data/at-spi2-core-2.38.0/registryd/ucs2keysym.c
Examining data/at-spi2-core-2.38.0/test/test-application.c
Examining data/at-spi2-core-2.38.0/test/memory.c
FINAL RESULTS:
data/at-spi2-core-2.38.0/test/memory.c:87:5: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp ("./test-application", "./test-application", NULL);
data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:308:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr_buf[2048];
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:800:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf [21];
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1190:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[6];
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1292:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keys[32];
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:298:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (clone, grab_mask, sizeof (DEControllerGrabMask));
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:454:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key_listener->mode, mode, sizeof(*mode));
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:527:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (clone->mode) memcpy(clone->mode, key_listener->mode, sizeof(Accessibility_EventListenerMode));
data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:254:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (max_bytes > 1 && (bytes_read = read (fd, buf, MIN (4096, max_bytes - 1))))
data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:497:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(guchar *) app->a11y_bus_address, strlen (app->a11y_bus_address));
data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1186:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxlen = strlen (keystring) + 1;
data/at-spi2-core-2.38.0/registryd/registry.c:313:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gchar *ret = (gchar *) g_malloc (strlen (name) * 2 + 2);
ANALYSIS SUMMARY:
Hits = 12
Lines analyzed = 27327 in approximately 0.72 seconds (38092 lines/second)
Physical Source Lines of Code (SLOC) = 17359
Hits@level = [0] 83 [1] 4 [2] 7 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 95 [1+] 12 [2+] 8 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 5.47267 [1+] 0.691284 [2+] 0.460856 [3+] 0.057607 [4+] 0.057607 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.