stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cairo-5c-1.21/src/cairo-5c.h
Examining data/cairo-5c-1.21/src/cairo.c
Examining data/cairo-5c-1.21/src/draw.c
Examining data/cairo-5c-1.21/src/event.c
Examining data/cairo-5c-1.21/src/gstate.c
Examining data/cairo-5c-1.21/src/init.c
Examining data/cairo-5c-1.21/src/matrix.c
Examining data/cairo-5c-1.21/src/pattern.c
Examining data/cairo-5c-1.21/src/rsvg.c
Examining data/cairo-5c-1.21/src/surface.c
Examining data/cairo-5c-1.21/src/text.c
Examining data/cairo-5c-1.21/src/xlib.c

FINAL RESULTS:

data/cairo-5c-1.21/src/xlib.c:275:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	buffer[128];
data/cairo-5c-1.21/src/xlib.c:437:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char    stuffed[128];
data/cairo-5c-1.21/src/event.c:62:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    if (!read)
data/cairo-5c-1.21/src/event.c:72:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	c5s->recv_events = read;
data/cairo-5c-1.21/src/rsvg.c:110:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rsvg = rsvg_handle_new_from_data((const guint8 *) str, strlen(str), &error);
data/cairo-5c-1.21/src/xlib.c:438:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    read (fds[1].fd, stuffed, sizeof (stuffed));
data/cairo-5c-1.21/src/xlib.c:808:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    Value	    read;
data/cairo-5c-1.21/src/xlib.c:824:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    RETURN(read);

ANALYSIS SUMMARY:

Hits = 8
Lines analyzed = 5998 in approximately 0.99 seconds (6048 lines/second)
Physical Source Lines of Code (SLOC) = 4694
Hits@level = [0]   8 [1]   6 [2]   2 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  16 [1+]   8 [2+]   2 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 3.40861 [1+] 1.7043 [2+] 0.426076 [3+]   0 [4+]   0 [5+]   0
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.