Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible.c Examining data/at-spi2-core-2.38.0/atspi/atspi-accessible.h Examining data/at-spi2-core-2.38.0/atspi/atspi-action.c Examining data/at-spi2-core-2.38.0/atspi/atspi-action.h Examining data/at-spi2-core-2.38.0/atspi/atspi-application.c Examining data/at-spi2-core-2.38.0/atspi/atspi-application.h Examining data/at-spi2-core-2.38.0/atspi/atspi-collection.c Examining data/at-spi2-core-2.38.0/atspi/atspi-collection.h Examining data/at-spi2-core-2.38.0/atspi/atspi-component.c Examining data/at-spi2-core-2.38.0/atspi/atspi-component.h Examining data/at-spi2-core-2.38.0/atspi/atspi-constants.h Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener.c Examining data/at-spi2-core-2.38.0/atspi/atspi-device-listener.h Examining data/at-spi2-core-2.38.0/atspi/atspi-document.c Examining data/at-spi2-core-2.38.0/atspi/atspi-document.h Examining data/at-spi2-core-2.38.0/atspi/atspi-editabletext.c Examining data/at-spi2-core-2.38.0/atspi/atspi-editabletext.h Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener.c Examining data/at-spi2-core-2.38.0/atspi/atspi-event-listener.h Examining data/at-spi2-core-2.38.0/atspi/atspi-gmain.c Examining data/at-spi2-core-2.38.0/atspi/atspi-gmain.h Examining data/at-spi2-core-2.38.0/atspi/atspi-hyperlink.c Examining data/at-spi2-core-2.38.0/atspi/atspi-hyperlink.h Examining data/at-spi2-core-2.38.0/atspi/atspi-hypertext.c Examining data/at-spi2-core-2.38.0/atspi/atspi-hypertext.h Examining data/at-spi2-core-2.38.0/atspi/atspi-image.c Examining data/at-spi2-core-2.38.0/atspi/atspi-image.h Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule.c Examining data/at-spi2-core-2.38.0/atspi/atspi-matchrule.h Examining data/at-spi2-core-2.38.0/atspi/atspi-misc-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-misc.c Examining data/at-spi2-core-2.38.0/atspi/atspi-misc.h Examining data/at-spi2-core-2.38.0/atspi/atspi-mutter-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-mutter.c Examining data/at-spi2-core-2.38.0/atspi/atspi-object.c Examining data/at-spi2-core-2.38.0/atspi/atspi-object.h Examining data/at-spi2-core-2.38.0/atspi/atspi-private.h Examining data/at-spi2-core-2.38.0/atspi/atspi-registry.c Examining data/at-spi2-core-2.38.0/atspi/atspi-registry.h Examining data/at-spi2-core-2.38.0/atspi/atspi-relation.c Examining data/at-spi2-core-2.38.0/atspi/atspi-relation.h Examining data/at-spi2-core-2.38.0/atspi/atspi-selection.c Examining data/at-spi2-core-2.38.0/atspi/atspi-selection.h Examining data/at-spi2-core-2.38.0/atspi/atspi-stateset.c Examining data/at-spi2-core-2.38.0/atspi/atspi-stateset.h Examining data/at-spi2-core-2.38.0/atspi/atspi-table-cell.c Examining data/at-spi2-core-2.38.0/atspi/atspi-table-cell.h Examining data/at-spi2-core-2.38.0/atspi/atspi-table.c Examining data/at-spi2-core-2.38.0/atspi/atspi-table.h Examining data/at-spi2-core-2.38.0/atspi/atspi-text.c Examining data/at-spi2-core-2.38.0/atspi/atspi-text.h Examining data/at-spi2-core-2.38.0/atspi/atspi-types.h Examining data/at-spi2-core-2.38.0/atspi/atspi-value.c Examining data/at-spi2-core-2.38.0/atspi/atspi-value.h Examining data/at-spi2-core-2.38.0/atspi/atspi.h Examining data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c Examining data/at-spi2-core-2.38.0/dbind/dbind-any.c Examining data/at-spi2-core-2.38.0/dbind/dbind-any.h Examining data/at-spi2-core-2.38.0/dbind/dbind.c Examining data/at-spi2-core-2.38.0/dbind/dbind.h Examining data/at-spi2-core-2.38.0/dbind/dbtest.c Examining data/at-spi2-core-2.38.0/registryd/de-marshaller.c Examining data/at-spi2-core-2.38.0/registryd/de-marshaller.h Examining data/at-spi2-core-2.38.0/registryd/de-types.h Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c Examining data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.h Examining data/at-spi2-core-2.38.0/registryd/display.c Examining data/at-spi2-core-2.38.0/registryd/display.h Examining data/at-spi2-core-2.38.0/registryd/event-source.c Examining data/at-spi2-core-2.38.0/registryd/event-source.h Examining data/at-spi2-core-2.38.0/registryd/introspection.c Examining data/at-spi2-core-2.38.0/registryd/introspection.h Examining data/at-spi2-core-2.38.0/registryd/keymasks.h Examining data/at-spi2-core-2.38.0/registryd/paths.h Examining data/at-spi2-core-2.38.0/registryd/reentrant-list.c Examining data/at-spi2-core-2.38.0/registryd/reentrant-list.h Examining data/at-spi2-core-2.38.0/registryd/registry-main.c Examining data/at-spi2-core-2.38.0/registryd/registry.c Examining data/at-spi2-core-2.38.0/registryd/registry.h Examining data/at-spi2-core-2.38.0/registryd/ucs2keysym.c Examining data/at-spi2-core-2.38.0/test/test-application.c Examining data/at-spi2-core-2.38.0/test/memory.c FINAL RESULTS: data/at-spi2-core-2.38.0/test/memory.c:87:5: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp ("./test-application", "./test-application", NULL); data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:308:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr_buf[2048]; data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:800:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cbuf [21]; data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1190:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bytes[6]; data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1292:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keys[32]; data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:298:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (clone, grab_mask, sizeof (DEControllerGrabMask)); data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:454:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(key_listener->mode, mode, sizeof(*mode)); data/at-spi2-core-2.38.0/registryd/deviceeventcontroller.c:527:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (clone->mode) memcpy(clone->mode, key_listener->mode, sizeof(Accessibility_EventListenerMode)); data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:254:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (max_bytes > 1 && (bytes_read = read (fd, buf, MIN (4096, max_bytes - 1)))) data/at-spi2-core-2.38.0/bus/at-spi-bus-launcher.c:497:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (guchar *) app->a11y_bus_address, strlen (app->a11y_bus_address)); data/at-spi2-core-2.38.0/registryd/deviceeventcontroller-x11.c:1186:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). maxlen = strlen (keystring) + 1; data/at-spi2-core-2.38.0/registryd/registry.c:313:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gchar *ret = (gchar *) g_malloc (strlen (name) * 2 + 2); ANALYSIS SUMMARY: Hits = 12 Lines analyzed = 27327 in approximately 0.72 seconds (38092 lines/second) Physical Source Lines of Code (SLOC) = 17359 Hits@level = [0] 83 [1] 4 [2] 7 [3] 0 [4] 1 [5] 0 Hits@level+ = [0+] 95 [1+] 12 [2+] 8 [3+] 1 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 5.47267 [1+] 0.691284 [2+] 0.460856 [3+] 0.057607 [4+] 0.057607 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.