Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/font-manager-0.7.9/build-aux/orthographies/OrthographyData.h
Examining data/font-manager-0.7.9/build-aux/orthographies/class2struct.cpp
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Afrikaans.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Ahom.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/AleutCyrillic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/AleutLatin.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Arabic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/ArchaicGreekLetters.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Armenian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Astronomy.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Balinese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Baltic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Bamum.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/BasicCyrillic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/BasicGreek.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/BasicLatin.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Batak.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Bengali.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Brahmi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Buginese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/CanadianSyllabics.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Carian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Catalan.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/CentralEuropean.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Chakma.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Cham.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Cherokee.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/ChessSymbols.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/ClaudianLetters.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Coptic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Currencies.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/CypriotSyllabary.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Devanagari.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Dutch.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/EgyptianHieroglyphs.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Emoticons.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Ethiopic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Euro.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/ExtendedArabic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Farsi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Food.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/FullCyrillic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Georgian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Glagolitic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Gothic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Gujarati.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Gurmukhi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/HKSCS.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Hangul.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Hanunoo.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Hebrew.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/IPA.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/IgboOnwu.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Jamo.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Javanese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Jinmeiyo.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Joyo.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kaithi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kana.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kannada.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/KayahLi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kazakh.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kharoshthi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Khmer.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Kokuji.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Lao.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/LatinLigatures.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Lepcha.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Limbu.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/LinearBIdeograms.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/LinearBSyllabary.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MUFI_3_0.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Malayalam.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MathematicalGreek.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MathematicalLatin.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MathematicalNumerals.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MathematicalOperators.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MeeteiMayak.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MendeKikakui.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MeroiticCursive.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/MeroiticHieroglyphs.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Miao.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Mongolian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Myanmar.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/NewTaiLue.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Nko.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Ogham.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/OlChiki.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/OldItalic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/OldSouthArabian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Oriya.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Osmanya.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/PanAfricanLatin.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Pashto.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/PhagsPa.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Pinyin.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Polynesian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/PolytonicGreek.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Rejang.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Romanian.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Runic.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Saurashtra.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/SimplifiedChinese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Sindhi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Sinhala.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Siraiki.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/SouthKoreanHanja.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Sundanese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/SylotiNagri.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Syriac.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/TaiLe.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/TaiTham.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/TaiViet.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Tamil.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Telugu.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Thaana.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Thai.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Tibetan.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Tifinagh.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/TraditionalChinese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Turkish.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Uighur.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Urdu.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Vai.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/VedicExtensions.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Venda.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Vietnamese.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/WesternEuropean.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/Yi.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/ZhuYinFuHao.h
Examining data/font-manager-0.7.9/build-aux/orthographies/fontaine/orthographies.h
Examining data/font-manager-0.7.9/extensions/nautilus/font-manager-menu-provider.c
Examining data/font-manager-0.7.9/extensions/nautilus/font-manager-menu-provider.h
Examining data/font-manager-0.7.9/extensions/nautilus/nautilus-font-manager-module.c
Examining data/font-manager-0.7.9/extensions/nemo/font-manager-menu-provider.c
Examining data/font-manager-0.7.9/extensions/nemo/font-manager-menu-provider.h
Examining data/font-manager-0.7.9/extensions/nemo/nemo-font-manager-module.c
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-extension-utils.c
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-extension-utils.h
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-menu-provider.c
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-menu-provider.h
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-renamer-provider.c
Examining data/font-manager-0.7.9/extensions/thunar/font-manager-renamer-provider.h
Examining data/font-manager-0.7.9/extensions/thunar/thunar-font-manager-module.c
Examining data/font-manager-0.7.9/lib/common/font-manager-alias.c
Examining data/font-manager-0.7.9/lib/common/font-manager-alias.h
Examining data/font-manager-0.7.9/lib/common/font-manager-aliases.c
Examining data/font-manager-0.7.9/lib/common/font-manager-aliases.h
Examining data/font-manager-0.7.9/lib/common/font-manager-character-map.c
Examining data/font-manager-0.7.9/lib/common/font-manager-character-map.h
Examining data/font-manager-0.7.9/lib/common/font-manager-codepoint-list.c
Examining data/font-manager-0.7.9/lib/common/font-manager-codepoint-list.h
Examining data/font-manager-0.7.9/lib/common/font-manager-database.c
Examining data/font-manager-0.7.9/lib/common/font-manager-database.h
Examining data/font-manager-0.7.9/lib/common/font-manager-directories.c
Examining data/font-manager-0.7.9/lib/common/font-manager-directories.h
Examining data/font-manager-0.7.9/lib/common/font-manager-family.c
Examining data/font-manager-0.7.9/lib/common/font-manager-family.h
Examining data/font-manager-0.7.9/lib/common/font-manager-font-info.c
Examining data/font-manager-0.7.9/lib/common/font-manager-font-info.h
Examining data/font-manager-0.7.9/lib/common/font-manager-font-model.c
Examining data/font-manager-0.7.9/lib/common/font-manager-font-model.h
Examining data/font-manager-0.7.9/lib/common/font-manager-font-preview.c
Examining data/font-manager-0.7.9/lib/common/font-manager-font-preview.h
Examining data/font-manager-0.7.9/lib/common/font-manager-font-scale.c
Examining data/font-manager-0.7.9/lib/common/font-manager-font-scale.h
Examining data/font-manager-0.7.9/lib/common/font-manager-font.c
Examining data/font-manager-0.7.9/lib/common/font-manager-font.h
Examining data/font-manager-0.7.9/lib/common/font-manager-fontconfig.c
Examining data/font-manager-0.7.9/lib/common/font-manager-fontconfig.h
Examining data/font-manager-0.7.9/lib/common/font-manager-freetype.c
Examining data/font-manager-0.7.9/lib/common/font-manager-freetype.h
Examining data/font-manager-0.7.9/lib/common/font-manager-gtk-utils.c
Examining data/font-manager-0.7.9/lib/common/font-manager-gtk-utils.h
Examining data/font-manager-0.7.9/lib/common/font-manager-json-proxy.c
Examining data/font-manager-0.7.9/lib/common/font-manager-json-proxy.h
Examining data/font-manager-0.7.9/lib/common/font-manager-json.c
Examining data/font-manager-0.7.9/lib/common/font-manager-json.h
Examining data/font-manager-0.7.9/lib/common/font-manager-license-pane.c
Examining data/font-manager-0.7.9/lib/common/font-manager-license-pane.h
Examining data/font-manager-0.7.9/lib/common/font-manager-license.h
Examining data/font-manager-0.7.9/lib/common/font-manager-orthography.c
Examining data/font-manager-0.7.9/lib/common/font-manager-orthography.h
Examining data/font-manager-0.7.9/lib/common/font-manager-place-holder.c
Examining data/font-manager-0.7.9/lib/common/font-manager-place-holder.h
Examining data/font-manager-0.7.9/lib/common/font-manager-preview-controls.c
Examining data/font-manager-0.7.9/lib/common/font-manager-preview-controls.h
Examining data/font-manager-0.7.9/lib/common/font-manager-preview-pane.c
Examining data/font-manager-0.7.9/lib/common/font-manager-preview-pane.h
Examining data/font-manager-0.7.9/lib/common/font-manager-progress-data.c
Examining data/font-manager-0.7.9/lib/common/font-manager-progress-data.h
Examining data/font-manager-0.7.9/lib/common/font-manager-properties-pane.c
Examining data/font-manager-0.7.9/lib/common/font-manager-properties-pane.h
Examining data/font-manager-0.7.9/lib/common/font-manager-properties.c
Examining data/font-manager-0.7.9/lib/common/font-manager-properties.h
Examining data/font-manager-0.7.9/lib/common/font-manager-reject.c
Examining data/font-manager-0.7.9/lib/common/font-manager-reject.h
Examining data/font-manager-0.7.9/lib/common/font-manager-selections.c
Examining data/font-manager-0.7.9/lib/common/font-manager-selections.h
Examining data/font-manager-0.7.9/lib/common/font-manager-source.c
Examining data/font-manager-0.7.9/lib/common/font-manager-source.h
Examining data/font-manager-0.7.9/lib/common/font-manager-string-hashset.c
Examining data/font-manager-0.7.9/lib/common/font-manager-string-hashset.h
Examining data/font-manager-0.7.9/lib/common/font-manager-utils.h
Examining data/font-manager-0.7.9/lib/common/font-manager-vendor.h
Examining data/font-manager-0.7.9/lib/common/font-manager-xml-writer.c
Examining data/font-manager-0.7.9/lib/common/font-manager-xml-writer.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-blocks.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-categories.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-character-map-zoom-window.c
Examining data/font-manager-0.7.9/lib/unicode/unicode-character-map-zoom-window.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-character-map.c
Examining data/font-manager-0.7.9/lib/unicode/unicode-character-map.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-codepoint-list.c
Examining data/font-manager-0.7.9/lib/unicode/unicode-codepoint-list.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-info.c
Examining data/font-manager-0.7.9/lib/unicode/unicode-info.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-names.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-nameslist.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-scripts.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-search-bar.c
Examining data/font-manager-0.7.9/lib/unicode/unicode-search-bar.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-unihan.h
Examining data/font-manager-0.7.9/lib/unicode/unicode-versions.h
FINAL RESULTS:
data/font-manager-0.7.9/lib/common/font-manager-properties.c:616:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system) {
data/font-manager-0.7.9/lib/common/font-manager-properties.c:628:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetInteger(system, FC_HINT_STYLE, 0, &hintstyle) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:631:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetInteger(system, FC_RGBA, 0, &rgba) == FcResultMatch) {
data/font-manager-0.7.9/lib/common/font-manager-properties.c:636:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetInteger(system, FC_LCD_FILTER, 0, &lcdfilter) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:639:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetDouble(system, FC_SCALE, 0 , &scale) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:642:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetDouble(system, FC_DPI, 0 , &dpi) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:645:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetBool(system, FC_ANTIALIAS, 0 , &antialias) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:648:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetBool(system, FC_HINTING, 0 , &hinting) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:651:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetBool(system, FC_AUTOHINT, 0 , &autohint) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:654:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (FcPatternGetBool(system, FC_EMBEDDED_BITMAP, 0 , &embeddedbitmap) == FcResultMatch)
data/font-manager-0.7.9/lib/common/font-manager-properties.c:657:30: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
FcPatternDestroy(system);
data/font-manager-0.7.9/lib/common/font-manager-font-model.c:477:24: [3] (random) g_random_int:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
do { self->stamp = g_random_int(); } while (self->stamp == 0);
data/font-manager-0.7.9/lib/common/font-manager-orthography.c:190:24: [3] (random) g_random_int_range:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int rand = g_random_int_range(0, length);
data/font-manager-0.7.9/build-aux/orthographies/class2struct.cpp:17:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile.open(filename.str());
data/font-manager-0.7.9/lib/common/font-manager-properties.c:262:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
g_object_set(self, (const gchar *) prop_name, atoi((const char *) prop_val), NULL);
data/font-manager-0.7.9/build-aux/orthographies/class2struct.cpp:20:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cout << (strlen(p->nativeName) > 0 ? p->nativeName : p->commonName);
data/font-manager-0.7.9/lib/common/font-manager-place-holder.c:100:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
visible = strlen(gtk_label_get_text(GTK_LABEL(self->title))) > 0;
data/font-manager-0.7.9/lib/common/font-manager-place-holder.c:105:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
visible = strlen(gtk_label_get_text(GTK_LABEL(self->subtitle))) > 0;
data/font-manager-0.7.9/lib/common/font-manager-place-holder.c:110:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
visible = strlen(gtk_label_get_text(GTK_LABEL(self->message))) > 0;
data/font-manager-0.7.9/lib/unicode/unicode-search-bar.c:99:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gint needle_len = strlen(needle);
data/font-manager-0.7.9/lib/unicode/unicode-search-bar.c:100:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gint haystack_len = strlen(haystack);
data/font-manager-0.7.9/lib/unicode/unicode-search-bar.c:494:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(entry_text) != 0) {
ANALYSIS SUMMARY:
Hits = 22
Lines analyzed = 339222 in approximately 10.51 seconds (32266 lines/second)
Physical Source Lines of Code (SLOC) = 328212
Hits@level = [0] 6 [1] 7 [2] 2 [3] 2 [4] 11 [5] 0
Hits@level+ = [0+] 28 [1+] 22 [2+] 15 [3+] 13 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 0.0853107 [1+] 0.0670298 [2+] 0.0457022 [3+] 0.0396085 [4+] 0.0335149 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.