Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/byzanz-0.3.0+git20160312/gifenc/gifenc.c Examining data/byzanz-0.3.0+git20160312/gifenc/gifenc.h Examining data/byzanz-0.3.0+git20160312/gifenc/quantize.c Examining data/byzanz-0.3.0+git20160312/src/byzanzapplet.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderbyzanz.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderbyzanz.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencoder.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderflv.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencodergif.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencodergif.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencodergstreamer.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencodergstreamer.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencoder.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderogv.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderwebm.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderwebm.h Examining data/byzanz-0.3.0+git20160312/src/byzanzlayer.c Examining data/byzanz-0.3.0+git20160312/src/byzanzlayercursor.c Examining data/byzanz-0.3.0+git20160312/src/byzanzlayercursor.h Examining data/byzanz-0.3.0+git20160312/src/byzanzlayer.h Examining data/byzanz-0.3.0+git20160312/src/byzanzlayerwindow.c Examining data/byzanz-0.3.0+git20160312/src/byzanzlayerwindow.h Examining data/byzanz-0.3.0+git20160312/src/byzanzqueue.c Examining data/byzanz-0.3.0+git20160312/src/byzanzqueue.h Examining data/byzanz-0.3.0+git20160312/src/byzanzqueueinputstream.c Examining data/byzanz-0.3.0+git20160312/src/byzanzqueueinputstream.h Examining data/byzanz-0.3.0+git20160312/src/byzanzqueueoutputstream.c Examining data/byzanz-0.3.0+git20160312/src/byzanzqueueoutputstream.h Examining data/byzanz-0.3.0+git20160312/src/byzanzrecorder.c Examining data/byzanz-0.3.0+git20160312/src/byzanzrecorder.h Examining data/byzanz-0.3.0+git20160312/src/byzanzselect.c Examining data/byzanz-0.3.0+git20160312/src/byzanzselect.h Examining data/byzanz-0.3.0+git20160312/src/byzanzserialize.c Examining data/byzanz-0.3.0+git20160312/src/byzanzserialize.h Examining data/byzanz-0.3.0+git20160312/src/byzanzsession.c Examining data/byzanz-0.3.0+git20160312/src/byzanzsession.h Examining data/byzanz-0.3.0+git20160312/src/paneltogglebutton.c Examining data/byzanz-0.3.0+git20160312/src/paneltogglebutton.h Examining data/byzanz-0.3.0+git20160312/src/playback.c Examining data/byzanz-0.3.0+git20160312/src/record.c Examining data/byzanz-0.3.0+git20160312/src/screenshot-utils.c Examining data/byzanz-0.3.0+git20160312/src/screenshot-utils.h Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderflv.c Examining data/byzanz-0.3.0+git20160312/src/byzanzencoderogv.c FINAL RESULTS: data/byzanz-0.3.0+git20160312/src/byzanzapplet.c:301:77: [3] (buffer) g_get_home_dir: This function is synonymous with 'getenv("HOME")';it returns untrustable input if the environment can beset by an attacker. It can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. gtk_file_chooser_set_current_folder (GTK_FILE_CHOOSER (priv->dialog), g_get_home_dir ()); data/byzanz-0.3.0+git20160312/src/byzanzserialize.c:74:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[strlen (IDENTIFICATION) + 1]; data/byzanz-0.3.0+git20160312/src/byzanzserialize.c:61:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return g_output_stream_write_all (stream, IDENTIFICATION, strlen (IDENTIFICATION), NULL, cancellable, error) && data/byzanz-0.3.0+git20160312/src/byzanzserialize.c:74:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char result[strlen (IDENTIFICATION) + 1]; data/byzanz-0.3.0+git20160312/src/byzanzserialize.c:85:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp (result, IDENTIFICATION, strlen (IDENTIFICATION)) != 0) { data/byzanz-0.3.0+git20160312/src/byzanzserialize.c:90:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endian = result[strlen (IDENTIFICATION)]; ANALYSIS SUMMARY: Hits = 6 Lines analyzed = 7262 in approximately 0.20 seconds (36267 lines/second) Physical Source Lines of Code (SLOC) = 5184 Hits@level = [0] 0 [1] 4 [2] 1 [3] 1 [4] 0 [5] 0 Hits@level+ = [0+] 6 [1+] 6 [2+] 2 [3+] 1 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 1.15741 [1+] 1.15741 [2+] 0.385802 [3+] 0.192901 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.