stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ayatana-indicator-session-0.8.1/src/actions.c
Examining data/ayatana-indicator-session-0.8.1/src/actions.h
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/actions.c
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/actions.h
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/backend-dbus.c
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/backend-dbus.h
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/guest.c
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/guest.h
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/users.c
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/users.h
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/utils.c
Examining data/ayatana-indicator-session-0.8.1/src/backend-dbus/utils.h
Examining data/ayatana-indicator-session-0.8.1/src/backend.h
Examining data/ayatana-indicator-session-0.8.1/src/guest.c
Examining data/ayatana-indicator-session-0.8.1/src/guest.h
Examining data/ayatana-indicator-session-0.8.1/src/main.c
Examining data/ayatana-indicator-session-0.8.1/src/recoverable-problem.c
Examining data/ayatana-indicator-session-0.8.1/src/recoverable-problem.h
Examining data/ayatana-indicator-session-0.8.1/src/service.c
Examining data/ayatana-indicator-session-0.8.1/src/service.h
Examining data/ayatana-indicator-session-0.8.1/src/users.c
Examining data/ayatana-indicator-session-0.8.1/src/users.h
Examining data/ayatana-indicator-session-0.8.1/src/utils.c
Examining data/ayatana-indicator-session-0.8.1/src/utils.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/gtest-mock-dbus-fixture.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-accounts.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-accounts.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-display-manager-seat.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-display-manager-seat.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-end-session-dialog.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-end-session-dialog.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-login1-manager.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-login1-manager.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-login1-seat.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-login1-seat.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-object.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-object.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-screen-saver.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-screen-saver.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-session-manager.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-session-manager.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-unity-session.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-unity-session.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-user.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-user.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-webcredentials.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-webcredentials.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/test-actions.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/test-guest.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-dbus/test-users.cc
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-actions.c
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-actions.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock.c
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-guest.c
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-guest.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock.h
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-users.c
Examining data/ayatana-indicator-session-0.8.1/tests/backend-mock-users.h
Examining data/ayatana-indicator-session-0.8.1/tests/gtest-dbus-fixture.h
Examining data/ayatana-indicator-session-0.8.1/tests/test-service.cc

FINAL RESULTS:

data/ayatana-indicator-session-0.8.1/src/service.c:72:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char * const menu_names[N_PROFILES] =
data/ayatana-indicator-session-0.8.1/tests/backend-dbus/mock-login1-seat.cc:52:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[80];
data/ayatana-indicator-session-0.8.1/src/recoverable-problem.c:32:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        res = write (fd, string, strlen (string));

ANALYSIS SUMMARY:

Hits = 3
Lines analyzed = 11500 in approximately 0.27 seconds (42119 lines/second)
Physical Source Lines of Code (SLOC) = 7712
Hits@level = [0]   0 [1]   1 [2]   2 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]   3 [1+]   3 [2+]   2 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 0.389004 [1+] 0.389004 [2+] 0.259336 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.