Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/glyr-1.0.10/lib/apikeys.h
Examining data/glyr-1.0.10/lib/blacklist.c
Examining data/glyr-1.0.10/lib/blacklist.h
Examining data/glyr-1.0.10/lib/cache.c
Examining data/glyr-1.0.10/lib/cache.h
Examining data/glyr-1.0.10/lib/cache_intern.c
Examining data/glyr-1.0.10/lib/cache_intern.h
Examining data/glyr-1.0.10/lib/config.h
Examining data/glyr-1.0.10/lib/core.c
Examining data/glyr-1.0.10/lib/core.h
Examining data/glyr-1.0.10/lib/glyr.c
Examining data/glyr-1.0.10/lib/glyr.h
Examining data/glyr-1.0.10/lib/intern/ainfo.c
Examining data/glyr-1.0.10/lib/intern/ainfo/bbcmusic.c
Examining data/glyr-1.0.10/lib/intern/ainfo/echonest.c
Examining data/glyr-1.0.10/lib/intern/ainfo/lastfm.c
Examining data/glyr-1.0.10/lib/intern/ainfo/lyricsreg.c
Examining data/glyr-1.0.10/lib/intern/albumlist.c
Examining data/glyr-1.0.10/lib/intern/albumlist/musicbrainz.c
Examining data/glyr-1.0.10/lib/intern/backdrops.c
Examining data/glyr-1.0.10/lib/intern/backdrops/htbackdrops.c
Examining data/glyr-1.0.10/lib/intern/cache/db_provider.c
Examining data/glyr-1.0.10/lib/intern/common/amazon.c
Examining data/glyr-1.0.10/lib/intern/common/amazon.h
Examining data/glyr-1.0.10/lib/intern/common/google.c
Examining data/glyr-1.0.10/lib/intern/common/google.h
Examining data/glyr-1.0.10/lib/intern/common/mbid_lookup.c
Examining data/glyr-1.0.10/lib/intern/common/mbid_lookup.h
Examining data/glyr-1.0.10/lib/intern/common/musicbrainz.c
Examining data/glyr-1.0.10/lib/intern/common/musicbrainz.h
Examining data/glyr-1.0.10/lib/intern/common/picsearch.c
Examining data/glyr-1.0.10/lib/intern/common/picsearch.h
Examining data/glyr-1.0.10/lib/intern/cover.c
Examining data/glyr-1.0.10/lib/intern/cover/albumart.c
Examining data/glyr-1.0.10/lib/intern/cover/amazon.c
Examining data/glyr-1.0.10/lib/intern/cover/coverartarchive.c
Examining data/glyr-1.0.10/lib/intern/cover/coverhunt.c
Examining data/glyr-1.0.10/lib/intern/cover/discogs.c
Examining data/glyr-1.0.10/lib/intern/cover/google.c
Examining data/glyr-1.0.10/lib/intern/cover/jamendo.c
Examining data/glyr-1.0.10/lib/intern/cover/lastfm.c
Examining data/glyr-1.0.10/lib/intern/cover/lyricswiki.c
Examining data/glyr-1.0.10/lib/intern/cover/musicbrainz.c
Examining data/glyr-1.0.10/lib/intern/cover/picsearch.c
Examining data/glyr-1.0.10/lib/intern/cover/rhapsody.c
Examining data/glyr-1.0.10/lib/intern/cover/slothradio.c
Examining data/glyr-1.0.10/lib/intern/generic.c
Examining data/glyr-1.0.10/lib/intern/generic.h
Examining data/glyr-1.0.10/lib/intern/guitartabs.c
Examining data/glyr-1.0.10/lib/intern/guitartabs/chordie_com.c
Examining data/glyr-1.0.10/lib/intern/guitartabs/guitaretab.c
Examining data/glyr-1.0.10/lib/intern/lyrics.c
Examining data/glyr-1.0.10/lib/intern/lyrics/chartlyrics.c
Examining data/glyr-1.0.10/lib/intern/lyrics/elyrics.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lipwalk.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyrdb.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyricsreg.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyricstime.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyricsvip.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyricswiki.c
Examining data/glyr-1.0.10/lib/intern/lyrics/lyrix_at.c
Examining data/glyr-1.0.10/lib/intern/lyrics/magistrix.c
Examining data/glyr-1.0.10/lib/intern/lyrics/metallum.c
Examining data/glyr-1.0.10/lib/intern/lyrics/metrolyrics.c
Examining data/glyr-1.0.10/lib/intern/lyrics/vagalume.c
Examining data/glyr-1.0.10/lib/intern/musictree/musictree.c
Examining data/glyr-1.0.10/lib/intern/photos.c
Examining data/glyr-1.0.10/lib/intern/photos/bbcmusic.c
Examining data/glyr-1.0.10/lib/intern/photos/discogs.c
Examining data/glyr-1.0.10/lib/intern/photos/flickr.c
Examining data/glyr-1.0.10/lib/intern/photos/google.c
Examining data/glyr-1.0.10/lib/intern/photos/lastfm.c
Examining data/glyr-1.0.10/lib/intern/photos/picsearch.c
Examining data/glyr-1.0.10/lib/intern/photos/rhapsody.c
Examining data/glyr-1.0.10/lib/intern/photos/singerpictures.c
Examining data/glyr-1.0.10/lib/intern/relations.c
Examining data/glyr-1.0.10/lib/intern/relations/generated.c
Examining data/glyr-1.0.10/lib/intern/relations/musicbrainz.c
Examining data/glyr-1.0.10/lib/intern/review.c
Examining data/glyr-1.0.10/lib/intern/review/amazon.c
Examining data/glyr-1.0.10/lib/intern/review/echonest.c
Examining data/glyr-1.0.10/lib/intern/review/metallum.c
Examining data/glyr-1.0.10/lib/intern/similar_artist.c
Examining data/glyr-1.0.10/lib/intern/similar_artist/lastfm.c
Examining data/glyr-1.0.10/lib/intern/similar_song.c
Examining data/glyr-1.0.10/lib/intern/similar_song/lastfm.c
Examining data/glyr-1.0.10/lib/intern/tags.c
Examining data/glyr-1.0.10/lib/intern/tags/musicbrainz.c
Examining data/glyr-1.0.10/lib/intern/tracklist.c
Examining data/glyr-1.0.10/lib/intern/tracklist/musicbrainz.c
Examining data/glyr-1.0.10/lib/jsmn/jsmn.c
Examining data/glyr-1.0.10/lib/jsmn/jsmn.h
Examining data/glyr-1.0.10/lib/jsmn/jsmn_test.c
Examining data/glyr-1.0.10/lib/misc.c
Examining data/glyr-1.0.10/lib/misc.h
Examining data/glyr-1.0.10/lib/register_plugins.c
Examining data/glyr-1.0.10/lib/register_plugins.h
Examining data/glyr-1.0.10/lib/stringlib.c
Examining data/glyr-1.0.10/lib/stringlib.h
Examining data/glyr-1.0.10/lib/testing.c
Examining data/glyr-1.0.10/lib/testing.h
Examining data/glyr-1.0.10/lib/types.h
Examining data/glyr-1.0.10/spec/capi/check_api.c
Examining data/glyr-1.0.10/spec/capi/check_dbc.c
Examining data/glyr-1.0.10/spec/capi/check_opt.c
Examining data/glyr-1.0.10/spec/capi/test_common.c
Examining data/glyr-1.0.10/spec/capi/test_common.h
Examining data/glyr-1.0.10/src/examples/async_queue.c
Examining data/glyr-1.0.10/src/examples/dbcache.c
Examining data/glyr-1.0.10/src/examples/dbtest.c
Examining data/glyr-1.0.10/src/examples/example.c
Examining data/glyr-1.0.10/src/examples/exit_signal.c
Examining data/glyr-1.0.10/src/examples/getinfo.c
Examining data/glyr-1.0.10/src/examples/musictree.c
Examining data/glyr-1.0.10/src/examples/rating.c
Examining data/glyr-1.0.10/src/examples/simple.c
Examining data/glyr-1.0.10/src/examples/threads.c
Examining data/glyr-1.0.10/src/glyrc/autohelp.c
Examining data/glyr-1.0.10/src/glyrc/autohelp.h
Examining data/glyr-1.0.10/src/glyrc/colorprint.c
Examining data/glyr-1.0.10/src/glyrc/colorprint.h
Examining data/glyr-1.0.10/src/glyrc/escape.c
Examining data/glyr-1.0.10/src/glyrc/escape.h
Examining data/glyr-1.0.10/src/glyrc/glyrc.c
Examining data/glyr-1.0.10/src/glyrc/update.c
Examining data/glyr-1.0.10/src/glyrc/update.h
Examining data/glyr-1.0.10/src/utils/clean_db.c
Examining data/glyr-1.0.10/src/utils/guess_lang.c
Examining data/glyr-1.0.10/src/utils/ping_url.c

FINAL RESULTS:

data/glyr-1.0.10/spec/capi/check_dbc.c:47:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system ("rm -rf /tmp/check/");
data/glyr-1.0.10/spec/capi/check_dbc.c:54:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system ("mkdir -p /tmp/check");
data/glyr-1.0.10/spec/capi/check_dbc.c:70:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system ("rm /tmp/metadata.db");
data/glyr-1.0.10/src/examples/dbtest.c:34:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system ("rm /home/chris/metadata.db");
data/glyr-1.0.10/src/glyrc/glyrc.c:657:31:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  int exitVal = system (command);
data/glyr-1.0.10/src/glyrc/update.c:90:13:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  if (system (UPDATE_SCRIPT) == -1)
data/glyr-1.0.10/src/examples/exit_signal.c:30:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (time (NULL) );
data/glyr-1.0.10/src/examples/rating.c:47:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (time (NULL) );
data/glyr-1.0.10/src/glyrc/glyrc.c:432:19:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  if ( (c = getopt_long (argc, argv, "N:f:W:w:p:r:m:x:u:v:q:c::F:hVodDLa:b:t:i:e:s:n:l:z:j:k:8gGyY",long_options, &option_index) ) == -1)
data/glyr-1.0.10/lib/cache.c:930:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (cache->md5sum,argv[11],16);
data/glyr-1.0.10/lib/cache.c:936:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (cache->data,argv[12],cache->size);
data/glyr-1.0.10/lib/core.c:111:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (& (mem->data[mem->size]), puffer, realsize);
data/glyr-1.0.10/lib/core.c:165:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (result,cache,sizeof (GlyrMemCache) );
data/glyr-1.0.10/lib/core.c:171:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (result->data,cache->data,cache->size);
data/glyr-1.0.10/lib/core.c:176:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (result->md5sum,cache->md5sum,16);
data/glyr-1.0.10/lib/core.c:294:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (nulbuf,ptr,bytes);
data/glyr-1.0.10/lib/glyr.c:1039:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE * fp = fopen (path,"w");
data/glyr-1.0.10/lib/intern/cover/jamendo.c:75:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * line_split[3] = {0,0,0};
data/glyr-1.0.10/lib/jsmn/jsmn_test.c:310:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(toklarge, toksmall, sizeof(toksmall));
data/glyr-1.0.10/lib/stringlib.c:904:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (string+n, Tpon, tLen);
data/glyr-1.0.10/lib/types.h:317:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char md5sum[16];
data/glyr-1.0.10/lib/types.h:435:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char * info[10]; /*!< Do not use! - A register where porinters to all dynamic alloc. fields are saved. Do not use. */
data/glyr-1.0.10/spec/capi/check_api.c:149:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char old_sum[16] = {0};
data/glyr-1.0.10/spec/capi/check_api.c:150:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (old_sum,c->md5sum,16);
data/glyr-1.0.10/src/glyrc/escape.c:223:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&retv[off],subsitution,subs_len);
data/glyr-1.0.10/src/glyrc/glyrc.c:463:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_verbosity (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:466:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_parallel (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:469:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_redirects (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:472:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_timeout (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:478:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_plugmax (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:496:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_img_minsize (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:499:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_img_maxsize (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:502:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_number (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/glyrc/glyrc.c:540:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  glyr_opt_fuzzyness (glyrs,atoi (optarg) );
data/glyr-1.0.10/src/utils/ping_url.c:46:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (nulbuf,ptr,bytes);
data/glyr-1.0.10/lib/cache.c:249:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int rc = sqlite3_bind_text(stmt,cpPos,text,strlen(text) + 1, SQLITE_STATIC); \
data/glyr-1.0.10/lib/cache.c:415:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sqlite3_prepare_v2 (db->db_handle, sql, strlen (sql) + 1, &stmt, NULL);
data/glyr-1.0.10/lib/cache.c:768:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sqlite3_prepare_v2 (db->db_handle, sql, strlen (sql) + 1, &stmt, NULL);
data/glyr-1.0.10/lib/cache_intern.c:49:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sqlite3_prepare_v2 (db->db_handle, sql, strlen (sql) + 1, &stmt, NULL);
data/glyr-1.0.10/lib/core.c:146:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->size = (len >= 0) ? (gsize) len : strlen (data);
data/glyr-1.0.10/lib/core.c:253:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize len = strlen (proxystring);
data/glyr-1.0.10/lib/core.c:299:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize ctt_len = strlen (cttp);
data/glyr-1.0.10/lib/core.c:1056:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize len = strlen (allowed);
data/glyr-1.0.10/lib/core.c:1208:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->size = strlen (normalized_utf8);
data/glyr-1.0.10/lib/core.c:1410:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize name_len = strlen (f->name);
data/glyr-1.0.10/lib/core.c:1411:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize len = strlen (q->from);
data/glyr-1.0.10/lib/core.c:1419:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize token_len = strlen (token);
data/glyr-1.0.10/lib/glyr.c:131:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize map_len = strlen (to_map);
data/glyr-1.0.10/lib/glyr.c:1273:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (string != NULL && strlen (string) >= 32 && md5sum)
data/glyr-1.0.10/lib/intern/ainfo.c:39:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = (item->data) ? strlen (item->data) : 0;
data/glyr-1.0.10/lib/intern/ainfo/bbcmusic.c:41:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (content);
data/glyr-1.0.10/lib/intern/ainfo/lastfm.c:88:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/albumlist/musicbrainz.c:114:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = (result->data) ? strlen (result->data) : 0;
data/glyr-1.0.10/lib/intern/backdrops/htbackdrops.c:86:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/common/google.c:92:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  start += strlen (name);
data/glyr-1.0.10/lib/intern/common/google.c:98:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (numbuf,start,span);
data/glyr-1.0.10/lib/intern/common/google.c:134:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  find += strlen (FIRST_RESULT);
data/glyr-1.0.10/lib/intern/common/mbid_lookup.c:29:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t keylen = strlen (key);
data/glyr-1.0.10/lib/intern/common/musicbrainz.c:109:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize clen = strlen (checkstring);
data/glyr-1.0.10/lib/intern/common/picsearch.c:63:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (img_url);
data/glyr-1.0.10/lib/intern/cover/albumart.c:80:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/cover/amazon.c:83:92:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (continue_search (g_list_length (result_list),capo->s) && (find = strstr (find + strlen (tag_ssize), tag_ssize) ) != NULL)
data/glyr-1.0.10/lib/intern/cover/coverartarchive.c:51:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = strlen (url);
data/glyr-1.0.10/lib/intern/cover/coverhunt.c:43:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar * buf = copy_value (begin+strlen (hw),end);
data/glyr-1.0.10/lib/intern/cover/coverhunt.c:82:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar * go_url = copy_value (table_start + strlen (NODE_BEGIN),table_end);
data/glyr-1.0.10/lib/intern/cover/discogs.c:97:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc->size = strlen (rc_url);
data/glyr-1.0.10/lib/intern/cover/jamendo.c:83:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/cover/lastfm.c:77:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/cover/lyricswiki.c:39:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize length = strlen (filename);
data/glyr-1.0.10/lib/intern/cover/lyricswiki.c:49:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize format_pos = length - strlen (token);
data/glyr-1.0.10/lib/intern/cover/lyricswiki.c:108:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/cover/musicbrainz.c:57:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  retv->size = strlen (img_url);
data/glyr-1.0.10/lib/intern/cover/rhapsody.c:112:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/cover/rhapsody.c:133:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/cover/slothradio.c:114:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/guitartabs.c:38:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = (item->data) ? strlen (item->data) : 0;
data/glyr-1.0.10/lib/intern/guitartabs/chordie_com.c:76:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (content);
data/glyr-1.0.10/lib/intern/guitartabs/guitaretab.c:46:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (content);
data/glyr-1.0.10/lib/intern/lyrics.c:38:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = (item->data) ? strlen (item->data) : 0;
data/glyr-1.0.10/lib/intern/lyrics/chartlyrics.c:49:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (text);
data/glyr-1.0.10/lib/intern/lyrics/lipwalk.c:62:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result_cache->size = strlen (content);
data/glyr-1.0.10/lib/intern/lyrics/lyricsreg.c:48:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp->size = tmp->data ? strlen (tmp->data) : 0;
data/glyr-1.0.10/lib/intern/lyrics/lyricstime.c:55:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = (result->data) ? strlen (result->data) : 0;
data/glyr-1.0.10/lib/intern/lyrics/lyricsvip.c:73:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (content);
data/glyr-1.0.10/lib/intern/lyrics/lyricswiki.c:112:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/lyrics/lyrix_at.c:57:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/lyrics/lyrix_at.c:95:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar * url_part = copy_value (url_tag+strlen (URL_TAG_BEGIN),title_tag);
data/glyr-1.0.10/lib/intern/lyrics/magistrix.c:43:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (data);
data/glyr-1.0.10/lib/intern/lyrics/metallum.c:52:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  id_start += strlen (ID_START);
data/glyr-1.0.10/lib/intern/lyrics/metrolyrics.c:78:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result->data);
data/glyr-1.0.10/lib/intern/musictree/musictree.c:125:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gsize len = strlen (song_dir_path);
data/glyr-1.0.10/lib/intern/photos/bbcmusic.c:43:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (content);
data/glyr-1.0.10/lib/intern/photos/discogs.c:71:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t rc_size = strlen (url);
data/glyr-1.0.10/lib/intern/photos/discogs.c:89:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rc->size = strlen (url);
data/glyr-1.0.10/lib/intern/photos/flickr.c:72:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->size = strlen (cache->data);
data/glyr-1.0.10/lib/intern/photos/lastfm.c:87:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar * begin = root + strlen (SIZE_FO);
data/glyr-1.0.10/lib/intern/photos/lastfm.c:98:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cache->size = strlen (urlb);
data/glyr-1.0.10/lib/intern/photos/rhapsody.c:111:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (url);
data/glyr-1.0.10/lib/intern/photos/singerpictures.c:118:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = strlen (item->data);
data/glyr-1.0.10/lib/intern/relations/generated.c:52:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen (result_url);
data/glyr-1.0.10/lib/intern/relations/musicbrainz.c:56:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp->size = strlen (tmp->data);
data/glyr-1.0.10/lib/intern/review.c:39:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = (item->data) ? strlen (item->data) : 0;
data/glyr-1.0.10/lib/intern/review/amazon.c:48:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = result->data ? strlen (result->data) : 0;
data/glyr-1.0.10/lib/intern/review/echonest.c:56:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(summary) >= 125) {
data/glyr-1.0.10/lib/intern/review/echonest.c:59:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  result->size = strlen(result->data);
data/glyr-1.0.10/lib/intern/review/metallum.c:55:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  item->size = strlen (item->data);
data/glyr-1.0.10/lib/intern/review/metallum.c:74:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
gsize nodelen = strlen (NODE_START); data/glyr-1.0.10/lib/intern/similar_artist/lastfm.c:67:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result->size = strlen (composed); data/glyr-1.0.10/lib/intern/similar_song/lastfm.c:57:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result->size = strlen (result->data); data/glyr-1.0.10/lib/intern/tags/musicbrainz.c:66:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (value) > 0) data/glyr-1.0.10/lib/intern/tracklist/musicbrainz.c:59:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cont->size = strlen (cont->data); data/glyr-1.0.10/lib/jsmn/jsmn_test.c:37:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(s) == (t).end - (t).start) data/glyr-1.0.10/lib/stringlib.c:174:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize result_len = strlen (result_string); data/glyr-1.0.10/lib/stringlib.c:251:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gsize str_len = strlen (normalized_string); data/glyr-1.0.10/lib/stringlib.c:252:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize oth_len = strlen (normalized_other); data/glyr-1.0.10/lib/stringlib.c:482:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t i = 0, len = strlen (data); data/glyr-1.0.10/lib/stringlib.c:816:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize sR_len = strlen (string), sR_i = 0; data/glyr-1.0.10/lib/stringlib.c:835:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (cmp_buf, string + aPos + 1 ,diff-1); data/glyr-1.0.10/lib/stringlib.c:856:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize trans_len = strlen (html_to_unicode_table[iter][1]); data/glyr-1.0.10/lib/stringlib.c:857:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (sResult + sR_i, html_to_unicode_table[iter][1], trans_len); data/glyr-1.0.10/lib/stringlib.c:890:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize Len = (length < 0) ? strlen (string) : (size_t) length; data/glyr-1.0.10/lib/stringlib.c:922:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gsize str_len = strlen (string), buf_pos = 0; data/glyr-1.0.10/lib/stringlib.c:962:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize Len = strlen (unicode); data/glyr-1.0.10/lib/stringlib.c:1082:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (buffer,begin,length); data/glyr-1.0.10/lib/stringlib.c:1096:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize len = strlen (string); data/glyr-1.0.10/lib/stringlib.c:1145:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). begin += strlen (name); data/glyr-1.0.10/lib/testing.c:34:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize name_len = strlen (provider_name); data/glyr-1.0.10/spec/capi/check_api.c:147:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c->size = strlen ("Hello?"); data/glyr-1.0.10/src/glyrc/escape.c:205:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t path_len = strlen (path); data/glyr-1.0.10/src/glyrc/escape.c:222:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t subs_len = strlen (subsitution); data/glyr-1.0.10/src/glyrc/escape.c:229:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (retv+off,&path[i],escape_len + 2); data/glyr-1.0.10/src/glyrc/glyrc.c:442:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize opt_len = strlen (optarg); data/glyr-1.0.10/src/glyrc/glyrc.c:619:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize write_len = strlen (CBQueryData->output_path); data/glyr-1.0.10/src/glyrc/glyrc.c:699:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (g_ascii_strncasecmp (elem->name,string,strlen (elem->name) ) == 0) data/glyr-1.0.10/src/utils/guess_lang.c:62:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize map_len = strlen (to_map); data/glyr-1.0.10/src/utils/ping_url.c:51:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gsize ctt_len = strlen (cttp); data/glyr-1.0.10/src/utils/ping_url.c:110:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gsize len = strlen (string); ANALYSIS SUMMARY: Hits = 137 Lines analyzed = 21380 in approximately 0.61 seconds (35329 lines/second) Physical Source Lines of Code (SLOC) = 13092 Hits@level = [0] 15 [1] 102 [2] 26 [3] 3 [4] 6 [5] 0 Hits@level+ = [0+] 152 [1+] 137 [2+] 35 [3+] 9 [4+] 6 [5+] 0 Hits/KSLOC@level+ = [0+] 11.6101 [1+] 10.4644 [2+] 2.67339 [3+] 0.687443 [4+] 0.458295 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.