Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dee-1.2.7+17.10.20170616/src/dee-icu-term-filter.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-serializable-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-term-list.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-file-resource-manager.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-filter.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-analyzer.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-analyzer.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-sequence-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-term-list.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-hash-index.c
Examining data/dee-1.2.7+17.10.20170616/src/trace-log.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-filter.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-result-set.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-resource-manager.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-tree-index.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-tree-index.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-index.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-proxy-model.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-server.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-text-analyzer.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-transaction.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-filter-model.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-serializable.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-client.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-glist-result-set.h
Examining data/dee-1.2.7+17.10.20170616/src/trace-log.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-transaction.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-model.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-serializable.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-peer.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-result-set.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-shared-model.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-peer.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-client.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-proxy-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-hash-index.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-model-reader.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-shared-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-model-reader.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-text-analyzer.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-resource-manager.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-serializable-model.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-index.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-server.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-file-resource-manager.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-filter-model.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-glist-result-set.c
Examining data/dee-1.2.7+17.10.20170616/src/dee-icu.h
Examining data/dee-1.2.7+17.10.20170616/src/dee-sequence-model.h
Examining data/dee-1.2.7+17.10.20170616/tests/server-helper-client.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-signals.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-introspect.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-readers.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-resync3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-tags.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-append1.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-benchmark.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-filter-model.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-transaction.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-index.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-remove3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/peer-helper-1peer.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-glist-result-set.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-client-server.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-complex-column.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-change3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-resource-manager.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-schemaless.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-serializable.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-peer-interactions.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-clone3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-interactions.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-term-list.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-clear3add5.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-add3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-column.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-clear6rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-replace.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-clear3rows.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-icu.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-clone3rows-meta.c
Examining data/dee-1.2.7+17.10.20170616/tests/model-helper-insert1row.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-model-seqnums.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-dee.c
Examining data/dee-1.2.7+17.10.20170616/tests/test-analyzer.c
Examining data/dee-1.2.7+17.10.20170616/examples/slave-model.c
Examining data/dee-1.2.7+17.10.20170616/examples/synced-lists.c
Examining data/dee-1.2.7+17.10.20170616/examples/peers.c
Examining data/dee-1.2.7+17.10.20170616/examples/master-model.c
Examining data/dee-1.2.7+17.10.20170616/tools/dee-tool.c

FINAL RESULTS:

data/dee-1.2.7+17.10.20170616/src/dee-server.c:569:48:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  g_strdup_printf ("unix:path=%s/%s-%s", g_get_tmp_dir (),
data/dee-1.2.7+17.10.20170616/src/dee-server.c:571:45:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")'; it returns untrustable
  input if the environment can be set by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  g_strdup_printf ("unix:path=%s/%s", g_get_tmp_dir (), name);
data/dee-1.2.7+17.10.20170616/src/dee-filter-model.c:286:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (priv->filter, g_value_get_pointer (value), sizeof (DeeFilter));
data/dee-1.2.7+17.10.20170616/src/dee-index.c:117:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (priv->reader, reader, sizeof (DeeModelReader));
data/dee-1.2.7+17.10.20170616/src/dee-term-list.c:402:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (clone_priv->terms->pdata, priv->terms->pdata,
data/dee-1.2.7+17.10.20170616/src/dee-transaction.c:266:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (copy, row_data, n_cols * sizeof (GVariant*));
data/dee-1.2.7+17.10.20170616/tests/server-helper-client.c:89:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  num_clients = i = atoi (argv[2]);
data/dee-1.2.7+17.10.20170616/src/dee-icu-term-filter.c:66:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (string) * 2;
data/dee-1.2.7+17.10.20170616/src/dee-icu-term-filter.c:226:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  u_cap = strlen (text) * 4 + 1;

ANALYSIS SUMMARY:

Hits = 9
Lines analyzed = 33967 in approximately 1.29 seconds (26376 lines/second)
Physical Source Lines of Code (SLOC) = 21336
Hits@level = [0]   0 [1]   2 [2]   5 [3]   2 [4]   0 [5]   0
Hits@level+ = [0+]   9 [1+]   9 [2+]   7 [3+]   2 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 0.421822 [1+] 0.421822 [2+] 0.328084 [3+] 0.0937383 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.