Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cwidget-0.5.18/tests/test_threads.cc
Examining data/cwidget-0.5.18/tests/test_ssprintf.cc
Examining data/cwidget-0.5.18/tests/test_eassert.cc
Examining data/cwidget-0.5.18/tests/main.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/widget.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/treeitem.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/tree.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/transient.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/togglebutton.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/text_layout.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/table.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/statuschoice.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/staticitem.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/stacked.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/size_box.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/scrollbar.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/radiogroup.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/passthrough.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/pager.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/multiplex.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/minibuf_win.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/menubar.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/menu.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/layout_item.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/label.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/frame.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/editline.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/container.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/center.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/button.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/bin.cc
Examining data/cwidget-0.5.18/src/cwidget/widgets/widget.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/treeitem.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/tree.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/transient.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/togglebutton.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/text_layout.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/table.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/subtree.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/statuschoice.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/staticitem.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/stacked.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/size_box.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/scrollbar.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/radiogroup.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/passthrough.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/pager.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/multiplex.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/minibuf_win.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/menubar.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/menu.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/layout_item.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/label.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/frame.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/editline.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/container.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/center.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/button.h
Examining data/cwidget-0.5.18/src/cwidget/widgets/bin.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/transcode.cc
Examining data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.cc
Examining data/cwidget-0.5.18/src/cwidget/generic/util/exception.cc
Examining data/cwidget-0.5.18/src/cwidget/generic/util/eassert.cc
Examining data/cwidget-0.5.18/src/cwidget/generic/util/transcode.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/slotarg.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/ref_ptr.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/exception.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/eassert.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/bool_accumulate.h
Examining data/cwidget-0.5.18/src/cwidget/generic/util/i18n.h
Examining data/cwidget-0.5.18/src/cwidget/generic/threads/threads.cc
Examining data/cwidget-0.5.18/src/cwidget/generic/threads/threads.h
Examining data/cwidget-0.5.18/src/cwidget/generic/threads/event_queue.h
Examining data/cwidget-0.5.18/src/cwidget/config/keybindings.cc
Examining data/cwidget-0.5.18/src/cwidget/config/column_definition.cc
Examining data/cwidget-0.5.18/src/cwidget/config/colors.cc
Examining data/cwidget-0.5.18/src/cwidget/config/keybindings.h
Examining data/cwidget-0.5.18/src/cwidget/config/column_definition.h
Examining data/cwidget-0.5.18/src/cwidget/config/colors.h
Examining data/cwidget-0.5.18/src/cwidget/testcwidget.cc
Examining data/cwidget-0.5.18/src/cwidget/toplevel.cc
Examining data/cwidget-0.5.18/src/cwidget/style.cc
Examining data/cwidget-0.5.18/src/cwidget/fragment_cache.cc
Examining data/cwidget-0.5.18/src/cwidget/fragment.cc
Examining data/cwidget-0.5.18/src/cwidget/dialogs.cc
Examining data/cwidget-0.5.18/src/cwidget/curses++.cc
Examining data/cwidget-0.5.18/src/cwidget/columnify.cc
Examining data/cwidget-0.5.18/src/cwidget/toplevel.h
Examining data/cwidget-0.5.18/src/cwidget/style.h
Examining data/cwidget-0.5.18/src/cwidget/fragment_contents.h
Examining data/cwidget-0.5.18/src/cwidget/fragment_cache.h
Examining data/cwidget-0.5.18/src/cwidget/fragment.h
Examining data/cwidget-0.5.18/src/cwidget/dialogs.h
Examining data/cwidget-0.5.18/src/cwidget/curses++.h
Examining data/cwidget-0.5.18/src/cwidget/columnify.h
Examining data/cwidget-0.5.18/cwidget-config.h

FINAL RESULTS:

data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.cc:52:23:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
      const int amt = vsnprintf(buf, initbufsize, format, ap);
data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.cc:64:21:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	  const int amt2 = vsnprintf(buf2, buf2size, format, ap2);
data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.cc:109:14:  [4] (format) vswprintf:
  Potential format string problem (CWE-134). Make format string constant.
	  int amt = vswprintf(buf, bufsize, format, ap2);
data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.h:33:29:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__ ((format (printf, 1, 2)))
data/cwidget-0.5.18/src/cwidget/widgets/pager.cc:475:4:  [4] (format) swprintf:
  Potential format string problem (CWE-134). Make format string constant.
	  swprintf(buf, sizeof(buf)/sizeof(wchar_t),
data/cwidget-0.5.18/src/cwidget/config/keybindings.cc:448:8:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	      wchar_t tmp[2];
data/cwidget-0.5.18/src/cwidget/curses++.cc:239:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if( (fd=open("/dev/tty",O_RDONLY)!=-1))
data/cwidget-0.5.18/src/cwidget/curses++.cc:384:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t dummy[2];
data/cwidget-0.5.18/src/cwidget/curses++.h:129:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    { return (char_type*) memcpy (s1, s2, n*sizeof(char_type)); }
data/cwidget-0.5.18/src/cwidget/curses++.h:153:27:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    { return (char_type*) memcpy (s1, s2, n*sizeof(char_type)); }
data/cwidget-0.5.18/src/cwidget/curses++.h:458:7:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      wchar_t tmp[2];
data/cwidget-0.5.18/src/cwidget/fragment.cc:1349:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[64];
data/cwidget-0.5.18/src/cwidget/generic/util/ssprintf.cc:51:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[initbufsize];
data/cwidget-0.5.18/src/cwidget/testcwidget.cc:164:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[32];
data/cwidget-0.5.18/src/cwidget/testcwidget.cc:237:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[128];
data/cwidget-0.5.18/src/cwidget/testcwidget.cc:263:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char buf[256];
data/cwidget-0.5.18/src/cwidget/widgets/pager.cc:420:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      int fd=open(filename.c_str(), O_RDONLY, 0644);
data/cwidget-0.5.18/src/cwidget/widgets/pager.cc:473:4:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  wchar_t buf[512];
data/cwidget-0.5.18/src/cwidget/widgets/table.cc:30:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *debug=fopen("/tmp/cwidget.log", "w");
data/cwidget-0.5.18/src/cwidget/generic/util/transcode.cc:163:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		  size_t errbufsize = strlen(errbuf);
data/cwidget-0.5.18/src/cwidget/generic/util/transcode.cc:249:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				   s, strlen(s), result_size, "WCHAR_T");
data/cwidget-0.5.18/src/cwidget/generic/util/transcode.cc:315:8:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				   wcslen(s)*sizeof(wchar_t),
data/cwidget-0.5.18/src/cwidget/testcwidget.cc:302:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  file_pager_ref pager=file_pager::create(s, strlen(s));
data/cwidget-0.5.18/src/cwidget/toplevel.cc:236:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      return ::write(fd, s, strlen(s));
data/cwidget-0.5.18/tests/test_ssprintf.cc:40:15:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  static bool equal(const std::wstring &x, const std::wstring &y)

ANALYSIS SUMMARY:

Hits = 25
Lines analyzed = 24075 in approximately 0.62 seconds (38743 lines/second)
Physical Source Lines of Code (SLOC) = 15709
Hits@level = [0]  54 [1]   6 [2]  14 [3]   0 [4]   5 [5]   0
Hits@level+ = [0+]  79 [1+]  25 [2+]  19 [3+]   5 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 5.02896 [1+] 1.59144 [2+] 1.2095 [3+] 0.318289 [4+] 0.318289 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.